1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
From 26651394137b8db1164af91ee5e8f21386285fd4 Mon Sep 17 00:00:00 2001
From: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Date: Sat, 9 Mar 2024 12:34:36 +0000
Subject: [PATCH] clients/nycli/utils.c: Fix buffer overflow
format_url() is only assigning 255 bytes for the rpath, but the path will
be expanded by realpath() which can return a sring up to a maximum of
PATH_MAX bytes. And, so as a result, if long path names are used or
while creating playlists with multiple files we get a coredump with the
error:
*** buffer overflow detected ***: terminated
Aborted (core dumped)
Lets use PATH_MAX for rpath length so that we have buffer for the
maximum return from realpath().
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Origin: upstream, https://github.com/xmms2/xmms2-devel/commit/26651394137b8db1164af91ee5e8f21386285fd4
Bug-Ubuntu: https://launchpad.net/bugs/2018449
Last-Update: 2024-03-10
---
src/clients/nycli/utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
index c97d561b4..3dbf3afb0 100644
--- a/src/clients/nycli/utils.c
+++ b/src/clients/nycli/utils.c
@@ -427,7 +427,7 @@ encode_url (gchar *url)
gchar *
format_url (const gchar *path, GFileTest test)
{
- gchar rpath[XMMS_PATH_MAX];
+ gchar rpath[PATH_MAX];
const gchar *p;
gchar *url;
|
