calculate
/
gentoo-overlay
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c7ff7b2627'
${ noResults }
gentoo-overlay/app-editors/pluma/files/pluma-1.26.0-fortify-source...

25 lines
998 B
Raw Blame History

https://bugs.gentoo.org/903860
https://github.com/mate-desktop/pluma/issues/664
https://github.com/mate-desktop/pluma/pull/665
https://github.com/mate-desktop/pluma/commit/8ca37beb259f7a62fef2005e888248ec880e44cd
From 8ca37beb259f7a62fef2005e888248ec880e44cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20Dura-Kov=C3=A1cs?= <balping314@gmail.com>
Date: Thu, 18 Aug 2022 17:44:41 +0200
Subject: [PATCH] Fix out-of-bounds write
Closes https://github.com/mate-desktop/pluma/issues/664
The size of tempfont was one byte too short, so strcpy performed an out-of-bounds write of the terminating 0.
--- a/pluma/pluma-window.c
+++ b/pluma/pluma-window.c
@@ -318,7 +318,7 @@ pluma_window_key_press_event (GtkWidget *widget,
g_strcanon (tempsize, "1234567890", '\0');
g_strreverse (tempsize);
- gchar tempfont [strlen (font)];
+ gchar tempfont [strlen (font) + 1];
strcpy (tempfont, font);
tempfont [strlen (font) - strlen (tempsize)] = 0;
Reference in new issue View Git Blame Copy Permalink