On Wed, 22 Aug 2012 19:37:09 +0900 Carsten Haitzler (The Rasterman) <ras...@rasterman.com> wrote:
> On Wed, 22 Aug 2012 20:27:46 +1000 David Seikel <onef...@gmail.com> > said: > > > On Wed, 22 Aug 2012 19:19:20 +0900 Carsten Haitzler (The Rasterman) > > <ras...@rasterman.com> wrote: > > > > > On Wed, 22 Aug 2012 08:40:36 +0200 rustyBSD <rusty...@gmx.fr> > > > said: > > > > > > > Le 22/08/2012 05:27, Carsten Haitzler (The Rasterman) a écrit : > > > > > On Tue, 21 Aug 2012 18:01:05 +0200 rustyBSD <rusty...@gmx.fr> > > > > > said: > > > > > > > > > >> Hi, > > > > >> == e/src/modules/illume-keyboard/e_kbd_int.c == > > > > >> line 972: if (sscanf(buf, "%4000s", str) != 1) continue; > > > > >> > > > > >> str is declared like this: char str[PATH_MAX]; > > > > >> > > > > >> Here, if PATH_MAX is < 4000, it could overflow. > > > > >> On my bsd, PATH_MAX is 1024, and I get a > > > > >> warning. > > > > >> > > > > >> Idem at line 1015 and 1030. > > > > > ok- fixed buffer. :) > > > > > > > > > Forgot line 1015: > > > > > > > > char label[PATH_MAX]; > > > > if (sscanf(buf, "%*s %4000s", label) != 1) continue; > > > > > > mike went thru and rabidly did this in lots of other places too :) > > > > I always thought he was a bit rabid. Should we have him shot? > > > > Oh wait, you meant rapid? > > no. i meant rabidly. :) i saw the foaming at the mouth. /me loads his shotgun. -- A big old stinking pile of genius that no one wants coz there are too many silver coated monkeys in the world.
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
