File Fix-buffer-overflow-from-sprintf.patch of Package iniparser

Overview Repositories Revisions Requests Users Attributes Meta

File Fix-buffer-overflow-from-sprintf.patch of Package iniparser

From 1bd7c8341fc076a4795638330bc6badb78745647 Mon Sep 17 00:00:00 2001
From: James Larrowe <larrowe.semaj11@gmail.com>
Date: Sun, 9 Jun 2019 12:45:28 -0400
Subject: [PATCH] Fix buffer overflow from sprintf

Extension of #104 that includes tests
---
 src/iniparser.c       | 2 +-
 test/test_iniparser.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/iniparser.c b/src/iniparser.c
index fffdf9f..f1d1658 100644
--- a/src/iniparser.c
+++ b/src/iniparser.c
@@ -718,7 +718,7 @@ dictionary * iniparser_load(const char * ininame)
     char line    [ASCIILINESZ+1] ;
     char section [ASCIILINESZ+1] ;
     char key     [ASCIILINESZ+1] ;
-    char tmp     [(ASCIILINESZ * 2) + 1] ;
+    char tmp     [(ASCIILINESZ * 2) + 2] ;
     char val     [ASCIILINESZ+1] ;
 
     int  last=0 ;
diff --git a/test/test_iniparser.c b/test/test_iniparser.c
index c76529c..b7cd5fc 100644
--- a/test/test_iniparser.c
+++ b/test/test_iniparser.c
@@ -96,7 +96,7 @@ void Test_iniparser_strstrip(CuTest *tc)
     };
     const char *test_with_spaces = "I am a test with\tspaces.";
     char stripped[ASCIILINESZ+1];
-    char error_msg[128];
+    char error_msg[1060];
     unsigned i;
 
     /* NULL ptr as input */
@@ -595,7 +595,7 @@ void Test_iniparser_load(CuTest *tc)
     struct dirent *curr;
     struct stat curr_stat;
     dictionary *dic;
-    char ini_path[256];
+    char ini_path[276];
 
     /* Dummy tests */
     dic = iniparser_load("/you/shall/not/path");
-- 
2.37.1

Places

File Fix-buffer-overflow-from-sprintf.patch of Package iniparser

Places