Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
icu.2360
icu-rpmlint.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File icu-rpmlint.diff of Package icu.2360
From: Jan Engelhardt <jengelh@inai.de> Reference: http://bugs.icu-project.org/trac/ticket/7808 build: resolve potential buffer overflow in icu I: Statement might be overflowing a buffer in strncat. Common mistake: BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1) E: icu bufferoverflowstrncat pkgdata.cpp:299:87 --- source/tools/pkgdata/pkgdata.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) Index: icu/source/tools/pkgdata/pkgdata.cpp =================================================================== --- icu.orig/source/tools/pkgdata/pkgdata.cpp +++ icu/source/tools/pkgdata/pkgdata.cpp @@ -1914,12 +1914,12 @@ static void loadLists(UPKGOptions *o, UE const char cmd[] = "icu-config --incpkgdatafile"; /* #1 try the same path where pkgdata was called from. */ - findDirname(progname, cmdBuf, 1024, &status); + findDirname(progname, cmdBuf, sizeof(cmdBuf), &status); if(U_SUCCESS(status)) { if (cmdBuf[0] != 0) { - uprv_strncat(cmdBuf, U_FILE_SEP_STRING, 1024); + uprv_strncat(cmdBuf, U_FILE_SEP_STRING, sizeof(cmdBuf)-1-strlen(cmdBuf)); } - uprv_strncat(cmdBuf, cmd, 1024); + uprv_strncat(cmdBuf, cmd, sizeof(cmdBuf)-1-strlen(cmdBuf)); if(verbose) { fprintf(stdout, "# Calling icu-config: %s\n", cmdBuf);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor