[Bug 18045] New: Dangerous usage of strncat
http://bugs.winehq.org/show_bug.cgi?id=18045 Summary: Dangerous usage of strncat Product: Wine Version: 1.1.19 Platform: Other URL: http://cppcheck.wiki.sourceforge.net/ OS/Version: other Status: UNCONFIRMED Severity: minor Priority: P2 Component: -unknown AssignedTo: wine-bugs(a)winehq.org ReportedBy: begert(a)gmail.com CC: begert(a)gmail.com Running cppcheck 1.31 against wine 1.1.19 yeilds: [./dlls/mciavi32/info.c:257]: (all) Dangerous usage of strncat, possible buffer overrun Currently the code looks like: strncat(buffer, " seek_exactly", sizeof(buffer)); Looking at the strncat man page, perhaps better usage would be: strncat(buffer, " seek_exactly", sizeof(buffer) - strlen(buffer) - 1); -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=18045 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |austinenglish(a)gmail.com Keywords| |download, source -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=18045 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC|begert(a)gmail.com | --- Comment #1 from Austin English <austinenglish(a)gmail.com> 2009-04-14 11:05:39 --- No need to CC yourself, you're the reporter. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=18045 Vincent Povirk <madewokherd(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |madewokherd(a)gmail.com --- Comment #2 from Vincent Povirk <madewokherd(a)gmail.com> 2009-04-14 11:42:49 --- This is in the MCIAVI_mciSet function. The string buffer is only used to output debugging information, and all of the source buffers are constant strings. The buffer is long enough that the function won't overrun it. So this isn't really going to cause any problems. That said, because it's all debugging information from constant strings, there's no need to build a string buffer in this function at all. I'll send a patch. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=18045 --- Comment #3 from Vincent Povirk <madewokherd(a)gmail.com> 2009-04-14 12:41:30 --- Sent patch: http://www.winehq.org/pipermail/wine-patches/2009-April/071835.html -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=18045 James Pelcis <jpelcis(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jpelcis(a)gmail.com --- Comment #4 from James Pelcis <jpelcis(a)gmail.com> 2009-05-01 14:52:41 --- Fixed in wine 1.1.20. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=18045 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution| |FIXED --- Comment #5 from Austin English <austinenglish(a)gmail.com> 2009-05-01 14:53:32 --- Fixed. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=18045 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #6 from Alexandre Julliard <julliard(a)winehq.org> 2009-05-08 12:52:03 --- Closing bugs fixed in 1.1.21. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org