File CVE-2018-19800-tempo-fix-buffer-overflow-in-method-parser.patch of Package aubio.10705
From b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5 Mon Sep 17 00:00:00 2001 From: Paul Brossier <piem@piem.org> Date: Sat, 24 Nov 2018 17:17:29 +0100 Subject: [PATCH] [tempo] fix buffer overflow in method parser --- src/tempo/tempo.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/tempo/tempo.c b/src/tempo/tempo.c index 80c89e99c60f..a52beaf5fefb 100644 --- a/src/tempo/tempo.c +++ b/src/tempo/tempo.c @@ -168,7 +168,7 @@ aubio_tempo_t * new_aubio_tempo (const char_t * tempo_mode, uint_t buf_size, uint_t hop_size, uint_t samplerate) { aubio_tempo_t * o = AUBIO_NEW(aubio_tempo_t); - char_t specdesc_func[20]; + char_t specdesc_func[PATH_MAX]; o->samplerate = samplerate; // check parameters are valid if ((sint_t)hop_size < 1) { @@ -203,9 +203,10 @@ aubio_tempo_t * new_aubio_tempo (const char_t * tempo_mode, o->pp = new_aubio_peakpicker(); aubio_peakpicker_set_threshold (o->pp, o->threshold); if ( strcmp(tempo_mode, "default") == 0 ) { - strcpy(specdesc_func, "specflux"); + strncpy(specdesc_func, "specflux", PATH_MAX - 1); } else { - strcpy(specdesc_func, tempo_mode); + strncpy(specdesc_func, tempo_mode, PATH_MAX - 1); + specdesc_func[PATH_MAX - 1] = '\0'; } o->od = new_aubio_specdesc(specdesc_func,buf_size); o->of = new_fvec(1); -- 2.16.4
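Review bot: In the first hunk (@@ -168,7 +168,7), `char_t specdesc_func[PATH_MAX];` depends on `PATH_MAX`, but the patch adds no include to src/tempo/tempo.c, so the build relies on `<limits.h>` arriving through some other header, and `PATH_MAX` is not defined on every platform. The buffer holds a method name rather than a filesystem path, so a small named constant local to this file (or an explicit `#include <limits.h>` with a fallback definition) would make the bound self-contained and document what it is for.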
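Review bot: In the second hunk (@@ -203,9 +203,10), a `tempo_mode` longer than `PATH_MAX - 1` is now silently truncated by `strncpy(specdesc_func, tempo_mode, PATH_MAX - 1);` and the shortened name is still handed to `new_aubio_specdesc`, so the caller gets a lookup on a string it never supplied instead of an error. Checking the length of `tempo_mode` next to the existing parameter checks and failing there would make the rejection explicit. The terminator `specdesc_func[PATH_MAX - 1] = '\0';` is also written only in the `else` branch; the "default" branch is safe only because the literal is short, and moving that line after the `if`/`else` would cover both branches.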