findutils-patches
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D c


From: Bernhard Voelker
Subject: Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D code
Date: Mon, 9 Jul 2018 14:57:05 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0

On 07/08/2018 06:19 AM, Jim Meyering wrote:
> On Sat, Jul 7, 2018 at 4:13 PM, Bernhard Voelker
> <address@hidden> wrote:
>> -  static char buf[10];
>> +  static char buf[14];
> 
> Or maybe this, since you already use the intprops module, just add
> this somewhere prior: #include "intprops.h"
> 
>   static char buf[1 + INT_BUFSIZE_BOUND (info) + 1];

Even better, thanks!
I wrapped that into the attached patch in your name ... pushing soon.

Have a nice day,
Berny

Attachment: 0001-maint-use-gnulib-s-intprops-module-to-avoid-magic-nu.patch
Description: Text Data


reply via email to

[Prev in Thread] Current Thread [Next in Thread]