diff options
author | Russell Bryant <russellbryant@users.sourceforge.net> | 2008-01-10 03:24:11 +0000 |
---|---|---|
committer | Russell Bryant <russellbryant@users.sourceforge.net> | 2008-01-10 03:24:11 +0000 |
commit | 0589fa10763adc6e984f0b79bb7e6d087123063f (patch) | |
tree | 1b299603b045bfe9b00751da8ad0fb0cf0f5a695 /htdocs/developer.php | |
parent | 3b8157ecd075b7cdb103fd1a2ce1a900237bc392 (diff) |
(add patch from issue #1852385)
This patch provides a revised implementation of the strtokcpy() function in
s_path.c. It provides the following benefits:
1) Prevent potential overflow of a stack buffer. This function did nothing
to ensure that it didn't write past the end of the destination buffer.
It is possible to cause this to happen by providing certain command line
arguments that are longer than MAXPDSTRING. Also, there may be other ways
to trigger this bug if namelist_append_files() is used anywhere beyond the
uses I reviewed, which are the ones in pd/*.c.
2) Copy bytes from the string in the same loop that looks for the
delimiter. This is simply for efficiency in that the string only has to be
traversed once, instead of twice (one to find the delimiter, and the second
to copy up to it).
svn path=/trunk/; revision=9143
Diffstat (limited to 'htdocs/developer.php')
0 files changed, 0 insertions, 0 deletions