screen-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [screen-devel] [PATCH] Really avoid a potential buffer overflow for

From: david kerns
Subject: Re: [screen-devel] [PATCH] Really avoid a potential buffer overflow for 'home'
Date: Tue, 9 Jul 2024 06:19:17 -0700


On Mon, Jul 8, 2024 at 9:11 AM Alex Naumov <alexander_naumov@opensuse.org> wrote:


On Mon, Jul 8, 2024 at 5:43 PM david kerns <david.t.kerns@gmail.com> wrote:
On Mon, Jul 8, 2024 at 8:02 AM Alex Naumov <alexander_naumov@opensuse.org> wrote:
On Mon, Jul 8, 2024 at 4:48 PM david kerns <david.t.kerns@gmail.com> wrote:
I'd argue for a global replacement of sprintf(dest, ...)  to snprintf(dest, sizeof(dest)...)
Unfortunately, that's probably not an automated task.
from the man page:
     The snprintf() and vsnprintf() functions will write at most size-1 of the characters printed
     into the output string (the size'th character then gets the terminating ‘\0’); if the return
     value is greater than or equal to the size argument, the string was too short and some of the
     printed characters were discarded.  The output is always null-terminated, unless size is 0.
 
bonus points for checking the return code :)


Nice task. Wanna implement it? :)

OK, give me a couple days...

Take your time. We can add it after release also. I'm going to release new versions much more often.

I'm running on Rocky 9 (9.4) but when I try to build my changes, I fail on step 0.

$ ./autogen.sh
configure.ac:2: error: Autoconf version 2.71 or higher is required
configure.ac:2: the top level
autom4te: /usr/bin/m4 failed with exit status: 63
aclocal: error: echo failed with exit status: 63
autoreconf: aclocal failed with exit status: 63
$ cat ./autogen.sh
#!/bin/sh
exec autoreconf --install
rm -rf autom4te.cache
$ autoreconf --version
autoreconf (GNU Autoconf) 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+/Autoconf: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>, <http://gnu.org/licenses/exceptions.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by David J. MacKenzie and Akim Demaille.
$ cat /etc/redhat-release
Rocky Linux release 9.4 (Blue Onyx)

I cloned from here: https://git.savannah.gnu.org/git/screen.git

Any advice?


reply via email to
[Prev in Thread] Current Thread [Next in Thread]