bug#29523: 25.3; buffer overflow in ns-font-name on mac

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#29523: 25.3; buffer overflow in ns-font-name on mac

From:	Alan Third
Subject:	bug#29523: 25.3; buffer overflow in ns-font-name on mac
Date:	Sat, 2 Dec 2017 13:50:21 +0000
User-agent:	Mutt/1.9.1 (2017-09-22)

On Sat, Dec 02, 2017 at 10:10:09AM +0200, Eli Zaretskii wrote:
> > Date: Fri, 1 Dec 2017 19:43:08 +0000
> > From: Alan Third <alan@idiocy.org>
> > Cc: 29523@debbugs.gnu.org
> > 
> > > The bug is in ns_xlfd_to_fontname() in nsterm.m:
> > > 
> > >   if (!strncmp (xlfd, "--", 2))
> > >     sscanf (xlfd, "--%*[^-]-%[^-]179-", name);
> > >   else
> > >     sscanf (xlfd, "-%*[^-]-%[^-]179-", name);
> > > 
> > > The positions of "179" are incorrect. They should be:
> > > 
> > >   if (!strncmp (xlfd, "--", 2))
> > >     sscanf (xlfd, "--%*[^-]-%179[^-]-", name);
> > >   else
> > >     sscanf (xlfd, "-%*[^-]-%179[^-]-", name);
> > 
> > Thanks for the fix. I expect this is copyright exempt
> 
> It is.

Thanks for the confirmation. I’ve pushed to emacs-26.
-- 
Alan Third

[Prev in Thread]

Current Thread

[Next in Thread]

bug#29523: 25.3; buffer overflow in ns-font-name on mac, Yuuki Harano, 2017/12/01
- bug#29523: 25.3; buffer overflow in ns-font-name on mac, Alan Third, 2017/12/01
  - bug#29523: 25.3; buffer overflow in ns-font-name on mac, Eli Zaretskii, 2017/12/02
    - bug#29523: 25.3; buffer overflow in ns-font-name on mac, Alan Third <=

Prev by Date: bug#29440: Tramp put drive_c in the backup file name when backuping in local PC/windows
Next by Date: bug#29305: 26.0.90; Wrong electrified indentation with Python multiline string
Previous by thread: bug#29523: 25.3; buffer overflow in ns-font-name on mac
Next by thread: bug#29524: 25.3; Typo in elisp info page Sequences Arrays Vectors -> Sequence functions
Index(es):
- Date
- Thread