GNU bug report logs - #50767
28.0.50; Warnings about snprintf in image.c on armv7l

Previous Next

Package: emacs;

Reported by: "Basil L. Contovounesios" <contovob <at> tcd.ie>

Date: Thu, 23 Sep 2021 17:05:01 UTC

Severity: minor

Tags: moreinfo, patch

Found in version 28.0.50

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Alan Third <alan <at> idiocy.org>
To: "Basil L. Contovounesios" <contovob <at> tcd.ie>, 50767 <at> debbugs.gnu.org
Subject: bug#50767: 28.0.50; Warnings about snprintf in image.c on armv7l
Date: Mon, 4 Oct 2021 22:45:06 +0100

[Message part 1 (text/plain, inline)]
On Thu, Sep 23, 2021 at 11:49:37PM +0100, Alan Third wrote:
> On Thu, Sep 23, 2021 at 11:38:06PM +0100, Basil L. Contovounesios wrote:
> > ...which would mean this only holds in the common case that
> > face_font_size has fewer than 5 digits, right?
> 
> Looks that way.
> 
> I suppose in this particular case we could limit the font size to a
> maximum of 9999 or something, but surely there's a better way of
> calculating string sizes?

I've implemented a pretty basic check so we shouldn't accidentally
overrun the buffer. See attached.

-- 
Alan Third

[0001-Fix-potential-buffer-overflow-bug-50767.patch (text/x-diff, attachment)]
This bug report was last modified 3 years and 272 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.