From: Christophe CURIS <christophe.cu...@free.fr>
As pointed by Coverity, there is a possible (yet improbable) buffer overrun
when building the list of files to be used in the Icon Chooser dialog.
Better safe than sorry, let's use the safer function to build the complete
name, and add a little message to the user in case of problem so at least
he can know something was not right.
Signed-off-by: Christophe CURIS <christophe.cu...@free.fr>
---
src/dialog.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/dialog.c b/src/dialog.c
index 3d5d9d0..d14d336 100644
--- a/src/dialog.c
+++ b/src/dialog.c
@@ -592,9 +592,13 @@ static void listPixmaps(WScreen *scr, WMList *lPtr, const
char *path)
if (strcmp(dentry->d_name, ".") == 0 || strcmp(dentry->d_name,
"..") == 0)
continue;
- strcpy(pbuf, apath);
- strcat(pbuf, "/");
- strcat(pbuf, dentry->d_name);
+ if (wstrlcpy(pbuf, apath, sizeof(pbuf)) >= sizeof(pbuf) ||
+ wstrlcat(pbuf, "/", sizeof(pbuf)) >= sizeof(pbuf) ||
+ wstrlcat(pbuf, dentry->d_name, sizeof(pbuf)) >=
sizeof(pbuf)) {
+ wwarning(_("full path for file \"%s\" in \"%s\" is
longer than %ld bytes, skipped"),
+ dentry->d_name, path, sizeof(pbuf) - 1);
+ continue;
+ }
if (stat(pbuf, &statb) < 0)
continue;
--
2.1.1
--
To unsubscribe, send mail to wmaker-dev-unsubscr...@lists.windowmaker.org.
