Google Git
Sign in
fuchsia / third_party / sdl / d2ce4f9fa7009d2766b3d585cab8d6c9c8cab4d1
commitd2ce4f9fa7009d2766b3d585cab8d6c9c8cab4d1[log] [tgz]
authorRyan C. Gordon <icculus@icculus.org>Tue Oct 04 14:25:31 2016 -0400
committerRyan C. Gordon <icculus@icculus.org>Tue Oct 04 14:25:31 2016 -0400
tree9026587fa114d1a4056e0df4a50e807e943b2969
parent9f09fa4a563d9b2bba75d502b57bd1276d2f1f85 [diff]
Fixed potential buffer overflow in SDL_vsnprintf() (thanks, Taylor!).

Fixes Bugzilla #3441.

"When using internal SDL_vsnprintf(), and source string length is greater
than destination, the final NULL char will be written beyond destination size.

Primary issue that is SDL_strlcpy returns length of source string
(SDL_PrintString()), not how much is written to destination. The destination
ptr is then incremented by this length before the sanity check is done.
Destination string is properly terminated, but an extra NULL char will be
written beyond destination buffer length.

Patch used internally is attached which fixes primary issue with SDL_strlcpy()
in SDL_PrintString() and adjusts sanity checks to increment destination ptr
safely."
1 file changed
tree: 9026587fa114d1a4056e0df4a50e807e943b2969
  1. acinclude/
  2. android-project/
  3. build-scripts/
  4. cmake/
  5. debian/
  6. docs/
  7. include/
  8. premake/
  9. src/
  10. test/
  11. VisualC/
  12. VisualC-WinRT/
  13. visualtest/
  14. Xcode/
  15. Xcode-iOS/
  16. .hgignore
  17. Android.mk
  18. autogen.sh
  19. BUGS.txt
  20. cmake_uninstall.cmake.in
  21. CMakeLists.txt
  22. configure
  23. configure.in
  24. COPYING.txt
  25. CREDITS.txt
  26. INSTALL.txt
  27. Makefile.in
  28. Makefile.minimal
  29. Makefile.pandora
  30. Makefile.psp
  31. Makefile.wiz
  32. README-SDL.txt
  33. README.txt
  34. sdl2-config.cmake.in
  35. sdl2-config.in
  36. sdl2.m4
  37. sdl2.pc.in
  38. SDL2.spec.in
  39. TODO.txt
  40. VisualC.html
  41. WhatsNew.txt