pool/sratom
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
sratom/fix-FORTIFY_SOURCE3.patch

30 lines
1001 B
Diff
Raw Normal View History

Accepting request 969353 from home:marxin:branches:multimedia:libs - Add fix-FORTIFY_SOURCE3.patch that is suggested to upstream: gh#lv2/sratom#6 OBS-URL: https://build.opensuse.org/request/show/969353 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/sratom?expand=0&rev=22
2022-04-12 15:30:06 +00:00
From 03ea6915c99b9ca0d8ac576e4cfd1c2eca62338c Mon Sep 17 00:00:00 2001
From: Martin Liska <mliska@suse.cz>
Date: Mon, 11 Apr 2022 09:14:28 +0200
Subject: [PATCH] Fix buffer overflow detected with -D_FORTIFY_SOURCE=3.
Correctly set maximum buffer length for snprintf call.
Fixes: #5.
---
src/sratom.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/sratom.c b/src/sratom.c
index 692257d..b6ba7ed 100644
--- a/src/sratom.c
+++ b/src/sratom.c
@@ -334,10 +334,11 @@ sratom_write(Sratom* sratom,
new_node = true;
datatype = serd_node_from_string(SERD_URI, USTR(LV2_MIDI__MidiEvent));
- uint8_t* str = (uint8_t*)calloc(size * 2 + 1, 1);
+ size_t strlen = size * 2 + 1;
+ uint8_t* str = (uint8_t*)calloc(strlen, 1);
for (uint32_t i = 0; i < size; ++i) {
snprintf((char*)str + (2 * i),
- size * 2 + 1,
+ strlen - (2 * i),
"%02X",
(unsigned)*((const uint8_t*)body + i));
}
Reference in New Issue Copy Permalink