[PATCH 2/4] check string length before calling strcpy
Peter Hatina
phatina at redhat.com
Mon Apr 2 03:13:25 PDT 2012
---
SpiceXPI/src/plugin/controller.cpp | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/SpiceXPI/src/plugin/controller.cpp
b/SpiceXPI/src/plugin/controller.cpp
index 23c853b..4c6ce9f 100644
--- a/SpiceXPI/src/plugin/controller.cpp
+++ b/SpiceXPI/src/plugin/controller.cpp
@@ -96,6 +96,8 @@ int SpiceController::Connect()
struct sockaddr_un remote;
remote.sun_family = AF_UNIX;
+ if (m_name.length() + 1 > sizeof(remote.sun_path))
+ return -1;
strcpy(remote.sun_path, m_name.c_str());
int rc = connect(m_client_socket, (struct sockaddr *) &remote,
strlen(remote.sun_path) + sizeof(remote.sun_family));
--
1.7.7.6
----------------------------------------
More information about the Spice-devel
mailing list