93019 – extensions: snprintf, possible past the buffer access

Issue 93019 - extensions: snprintf, possible past the buffer access

Summary: extensions: snprintf, possible past the buffer access

Status:	CLOSED FIXED

Alias:	None

Product:	utilities
Classification:	Unclassified
Component:	code (show other issues)
Version:	DEV300m29
Hardware:	All Linux, all

Importance:	P3 Trivial (vote)
Target Milestone:	OOo 3.1
Assignee:	Frank Schönheit
QA Contact:	Unknown

URL:
Keywords:

Depends on:
Blocks:	92941
	Show dependency tree

Reported:	2008-08-22 10:05 UTC by caolanm
Modified:	2008-10-23 14:19 UTC (History)
CC List:	1 user (show)

See Also:
Issue Type:	PATCH
Latest Confirmation in:	---
Developer Difficulty:	---

Attachments
patch to do this (1.07 KB, patch) 2008-08-22 10:05 UTC, caolanm	no flags	Details \| Diff
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description caolanm 2008-08-22 10:05:24 UTC

const size_t buffer_size = sizeof( buffer );
... if (something) ...
buffer[ buffer_size ] = 0;

i.e. past the buffer.

If the following patch is acceptable, I can stick it into my own workspace.

Comment 1 caolanm 2008-08-22 10:05:42 UTC

Created attachment 55938 [details]
patch to do this

Comment 2 Frank Schönheit 2008-08-22 10:45:59 UTC

please do so, looks good to me

Comment 3 caolanm 2008-08-22 11:00:00 UTC

done in cmcfixes49

Comment 4 caolanm 2008-08-30 16:07:47 UTC

cmc->fs: able to verify in cmcfixes49 ?

Comment 5 Frank Schönheit 2008-08-30 21:54:02 UTC

looks good

Comment 6 caolanm 2008-10-23 14:19:41 UTC

closed, seen in m34