44 lines
1.2 KiB
Diff
44 lines
1.2 KiB
Diff
From 3e566ca4b17814de8bc100e3edadbed6e539874f Mon Sep 17 00:00:00 2001
|
|
From: Reuben Thomas <rrt@sc3d.org>
|
|
Date: Wed, 11 Sep 2019 19:46:53 +0100
|
|
Subject: [PATCH] Fix a couple of potential buffer overflows
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
|
---
|
|
src/java.c | 2 +-
|
|
src/testdump.c | 2 +-
|
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/java.c b/src/java.c
|
|
index 05367f1..4bb8bc9 100644
|
|
--- a/src/java.c
|
|
+++ b/src/java.c
|
|
@@ -88,7 +88,7 @@ transform_utf16_java (RECODE_SUBTASK subtask)
|
|
put_byte (value, subtask);
|
|
else
|
|
{
|
|
- char buffer[7];
|
|
+ char buffer[11];
|
|
char *cursor;
|
|
|
|
sprintf (buffer, "\\u%04x", value);
|
|
diff --git a/src/testdump.c b/src/testdump.c
|
|
index ff2ee9d..bd45837 100644
|
|
--- a/src/testdump.c
|
|
+++ b/src/testdump.c
|
|
@@ -254,7 +254,7 @@ produce_count (RECODE_SUBTASK subtask)
|
|
delayed--;
|
|
}
|
|
|
|
- sprintf (buffer, "%*u %.4X", (int)count_width, (*cursor)->count, character);
|
|
+ snprintf (buffer, sizeof(buffer), "%*u %.4X", (int)count_width, (*cursor)->count, character);
|
|
put_string (buffer, subtask);
|
|
if (mnemonic)
|
|
{
|
|
--
|
|
2.21.0
|
|
|