[igt-dev] [PATCH i-g-t] tests/testdisplay: fix heap overflow
Jani Nikula
jani.nikula at linux.intel.com
Wed Mar 20 09:26:32 UTC 2019
On Wed, 20 Mar 2019, "Ser, Simon" <simon.ser at intel.com> wrote:
> We need to copy the terminating NULL byte too.
>
> Signed-off-by: Simon Ser <simon.ser at intel.com>
> ---
> tests/testdisplay.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/tests/testdisplay.c b/tests/testdisplay.c
> index b3657264..ff208384 100644
> --- a/tests/testdisplay.c
> +++ b/tests/testdisplay.c
> @@ -563,17 +563,17 @@ static gboolean input_event(GIOChannel *source,
> GIOCondition condition,
> return TRUE;
> }
>
> -static void enter_exec_path( char **argv )
> +static void enter_exec_path(char **argv)
> {
> char *exec_path = NULL;
> char *pos = NULL;
> short len_path = 0;
> int ret;
>
> - len_path = strlen( argv[0] );
> - exec_path = (char*) malloc(len_path);
> + len_path = strlen(argv[0]);
> + exec_path = (char*) malloc(len_path + 1);
>
> - memcpy(exec_path, argv[0], len_path);
> + memcpy(exec_path, argv[0], len_path + 1);
Ditch all of the above and replace with
exec_path = strdup(argv[0]);
BR,
Jani.
> pos = strrchr(exec_path, '/');
> if (pos != NULL)
> *(pos+1) = '\0';
--
Jani Nikula, Intel Open Source Graphics Center
More information about the igt-dev
mailing list