[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[groff] 02/13: [xtotroff]: Avoid overrunning buffer write.
From: |
G. Branden Robinson |
Subject: |
[groff] 02/13: [xtotroff]: Avoid overrunning buffer write. |
Date: |
Sat, 5 Dec 2020 02:20:34 -0500 (EST) |
gbranden pushed a commit to branch master
in repository groff.
commit 29385650a04a339dbb49b684eb7b2d40ed5b6beb
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
AuthorDate: Tue Dec 1 16:37:16 2020 +1100
[xtotroff]: Avoid overrunning buffer write.
* src/utils/xtotroff/xtotroff.c (MapFont): Avoid writing past
the end of a static buffer. Problem found and patch supplied by
Bjarni Ingi Gislason. I tweaked it to comment it differently (in case
the buffer ever needs to grow, but the prospects of future X11
server-side font rendering development seem dim) and use snprintf()
instead of retaining the existing sprintf().
Quiets warning: '%s' directive writing up to 255 bytes into a region
of size between 0 and 255 [-Wformat-overflow=].
---
ChangeLog | 9 +++++++++
src/utils/xtotroff/xtotroff.c | 7 +++++--
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 0b63af5..0e03a30 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
2020-12-01 G. Branden Robinson <g.branden.robinson@gmail.com>
+ * src/utils/xtotroff/xtotroff.c (MapFont): Avoid writing past
+ the end of a static buffer. Problem found and patch supplied by
+ Bjarni Ingi Gislason. I tweaked it to comment it differently
+ {in case the buffer ever needs to grow, but the prospects of
+ future X11 server-side font rendering development seem dim} and
+ use snprintf() instead of retaining the existing sprintf().
+
+2020-12-01 G. Branden Robinson <g.branden.robinson@gmail.com>
+
* src/utils/xtotroff/xtotroff.c (CanonicalizeFontName,
FontNamesAmbiguous, MapFont, main): Format diagnostic messages
more consistently with GNU Coding Standards. Prefix with name
diff --git a/src/utils/xtotroff/xtotroff.c b/src/utils/xtotroff/xtotroff.c
index f6d316d..cf7c41b 100644
--- a/src/utils/xtotroff/xtotroff.c
+++ b/src/utils/xtotroff/xtotroff.c
@@ -130,7 +130,9 @@ static int MapFont(char *font_name, const char *troff_name)
XFontName parsed;
int j, k;
DviCharNameMap *char_map;
- char encoding[256];
+ /* 'encoding' needs to hold a CharSetRegistry (256), a CharSetEncoding
+ (256) [both from XFontName.h], a dash, and a null terminator. */
+ char encoding[256 * 2 + 1 + 1];
char *s;
int wid;
char name_string[2048];
@@ -161,7 +163,8 @@ static int MapFont(char *font_name, const char *troff_name)
return 0;
XParseFontName(names[0], &parsed, &attributes);
- sprintf(encoding, "%s-%s", parsed.CharSetRegistry,
+ size_t sz = sizeof encoding;
+ snprintf(encoding, sz, "%s-%s", parsed.CharSetRegistry,
parsed.CharSetEncoding);
for (s = encoding; *s; s++)
if (isupper(*s))
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [groff] 02/13: [xtotroff]: Avoid overrunning buffer write.,
G. Branden Robinson <=