[Spice-devel] [spice-gtk 3/4] coverity: avoid out of bounds access
Uri Lublin
uril at redhat.com
Tue Apr 5 12:53:47 UTC 2016
On 04/04/2016 12:13 PM, Christophe Fergeau wrote:
> On Mon, Apr 04, 2016 at 10:02:08AM +0200, Fabiano FidĂȘncio wrote:
>> ---
>> src/controller/test.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/src/controller/test.c b/src/controller/test.c
>> index 649aca5..2909b06 100644
>> --- a/src/controller/test.c
>> +++ b/src/controller/test.c
>> @@ -262,7 +262,7 @@ int main (int argc, char *argv[])
>> send_data (CONTROLLER_PASSWORD, (uint8_t*)PWD, strlen(PWD) + 1);
>> send_data (CONTROLLER_SECURE_CHANNELS, (uint8_t*)SECURE_CHANNELS, strlen(SECURE_CHANNELS) + 1);
>> send_data (CONTROLLER_DISABLE_CHANNELS, (uint8_t*)DISABLED_CHANNELS, strlen(DISABLED_CHANNELS) + 1);
>> - send_data (CONTROLLER_TLS_CIPHERS, (uint8_t*)TLS_CIPHERS, sizeof(TLS_CIPHERS) + 1);
>> + send_data (CONTROLLER_TLS_CIPHERS, (uint8_t*)TLS_CIPHERS, strlen(TLS_CIPHERS) + 1);
>
> sizeof("TLS_CIPHER") is not doing the right thing?
> This is consistent with the other constants anyways, so fine with me.
sizeof() includes the ending '\0', so data_size is larger by 1
than actual data.
More information about the Spice-devel
mailing list