Wikia

Sawfish

Buffer overflow in fonts.c

773pages on
this wiki
Talk0
Browse all patches

Author Edit

Yoshiaki Kasahara

Synopsis Edit

When I was trying to compile the source from svn on my FreeBSD box, I noticed one of port-local patches wasn't incorporated into the svn tree The following patch is for the stock 1.3 release, but it should be applied to the svn source, too.

Patch Edit

--- src/fonts.c.orig    Sun Nov  3 22:00:36 2002
+++ src/fonts.c Wed Feb  8 04:22:13 2006
@@ -131,7 +131,7 @@
            if (end == 0)
                end = p + strlen (p);
            len = end - (p + 1);
-           buf = malloc (len);
+           buf = malloc (len + 1);
            memcpy (buf, p + 1, len);
            buf[len] = 0;
            return buf;

Community's reasons for inclusion or rejection Edit

Yes vote: yes. Thanks, better to use one byte more, than to have a buffer overflow. Applied. But before making 1.3.2 I'll check with valgrind nevertheless, because from reading the code in this place I'm not 100% sure that it's needed. If valgrind will say that it's not needed I'll revert it. Janek Kozicki 16:24, 29 July 2007 (UTC)

Around Wikia's network

Random Wiki