projects / oweals / cde.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a128f8e)
dtcreate: Fix major buffer overflow
authorFrederic Koehler <f.koehler427@gmail.com>
Fri, 17 Aug 2012 01:04:56 +0000 (21:04 -0400)
committerJon Trulson <jon@radscan.com>
Fri, 17 Aug 2012 01:25:22 +0000 (19:25 -0600)
This code always buffer overflowed, because exactly 2 bytes
less than were used were allocated. This led to dtcreate
crashing when hitting "Find Set..."

cde/programs/dtcreate/cmncbs.c patch | blob | history

diff --git a/cde/programs/dtcreate/cmncbs.c b/cde/programs/dtcreate/cmncbs.c
index dc356a719c2e13cc77fbcbbd755e0623312ac141..05a8b11cfe1bd8089bf142b68f58b39a7442c9a2 100644 (file)
--- a/cde/programs/dtcreate/cmncbs.c
+++ b/cde/programs/dtcreate/cmncbs.c
@@ -106,7 +106,7 @@ void activateCB_open_FindSet (Widget find_set_button, XtPointer cdata,
 
   pre = GETMESSAGE(3, 10, "Create Action");
   suf = GETMESSAGE(6, 18, "Find Set");
-  dialog_title = XtMalloc(strlen(pre) + strlen(suf) + 2);
+  dialog_title = XtMalloc(strlen(pre) + strlen(suf) + 4);
   sprintf(dialog_title, "%s - %s", pre, suf);
 
 #ifdef DEBUG
Unnamed repository; edit this file 'description' to name the repository.