[Mesa-dev] [PATCH] gallium/hud: avoid buffer overrun
Thomas Hindoe Paaboel Andersen
phomes at gmail.com
Sat Jan 14 23:28:54 UTC 2017
Renaming data sources was added in
e8bb97ce30051b999a4a69c9b27884daeb8d71e6
It was possible to use a new name longer than
the name array in hud_graph of 128. This
patch truncates the name to fit the array.
CC: Marek Olšák <marek.olsak at amd.com>
---
src/gallium/auxiliary/hud/hud_context.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/gallium/auxiliary/hud/hud_context.c b/src/gallium/auxiliary/hud/hud_context.c
index 7fa62a9..87070d2 100644
--- a/src/gallium/auxiliary/hud/hud_context.c
+++ b/src/gallium/auxiliary/hud/hud_context.c
@@ -1265,8 +1265,10 @@ hud_parse_env_var(struct hud_context *hud, const char *env)
strip_hyphens(s);
if (!LIST_IS_EMPTY(&pane->graph_list)) {
- strcpy(LIST_ENTRY(struct hud_graph,
- pane->graph_list.prev, head)->name, s);
+ struct hud_graph *graph;
+ graph = LIST_ENTRY(struct hud_graph, pane->graph_list.prev, head);
+ strncpy(graph->name, s, sizeof(graph->name)-1);
+ graph->name[sizeof(graph->name)-1] = 0;
}
}
--
2.9.3
More information about the mesa-dev
mailing list