Overview

File fix-FORTIFY_SOURCE3.patch of Package sratom

From 03ea6915c99b9ca0d8ac576e4cfd1c2eca62338c Mon Sep 17 00:00:00 2001
From: Martin Liska <mliska@suse.cz>
Date: Mon, 11 Apr 2022 09:14:28 +0200
Subject: [PATCH] Fix buffer overflow detected with -D_FORTIFY_SOURCE=3.

Correctly set maximum buffer length for snprintf call.
Fixes: #5.
---
 src/sratom.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/sratom.c b/src/sratom.c
index 692257d..b6ba7ed 100644
--- a/src/sratom.c
+++ b/src/sratom.c
@@ -334,10 +334,11 @@ sratom_write(Sratom*         sratom,
     new_node = true;
     datatype = serd_node_from_string(SERD_URI, USTR(LV2_MIDI__MidiEvent));
 
-    uint8_t* str = (uint8_t*)calloc(size * 2 + 1, 1);
+    size_t strlen = size * 2 + 1;
+    uint8_t* str = (uint8_t*)calloc(strlen, 1);
     for (uint32_t i = 0; i < size; ++i) {
       snprintf((char*)str + (2 * i),
-               size * 2 + 1,
+               strlen - (2 * i),
                "%02X",
                (unsigned)*((const uint8_t*)body + i));
     }
openSUSE Build Service is sponsored by
Places