#6 [PATCH] buffer overflow

None
closed
nobody
None
5
2013-07-03
2011-08-28
No

src/lib/ddcci.c: buffer buf[8] is too small:
for example, capacity of LG Flatron L196WTQ
char* caps_str="(prot(monitor)type(lcd)model(L196WTQ)cmds(0102030CE3F3)vcp(0203040506080B0C0E101214(01050607080B)16181A1E20303E5260(0103)6C6E7087ACAEB6C0C6C8C9D6(0104)DFF1F2(000102)F3(00010203)FC(00010203)FD(0001)FE(000102)FF)mswhql(1)mccs_ver(2.1))";
requires buf to be at least 12.
diff --git a/src/lib/ddcci.c b/src/lib/ddcci.c
index 4492df5..c818380 100644
--- a/src/lib/ddcci.c
+++ b/src/lib/ddcci.c
@@ -596,7 +596,7 @@ int ddcci_parse_caps(const char* caps_str, struct caps* caps, int add)
int svcp = 0; /* Current CAPS section is vcp */
int stype = 0; /* Current CAPS section is type */

- char buf[8];
+ char buf[128];
char* endptr;
int ind = -1;
long val = -1;

Discussion

  • Lars Tobias Skjong-Børsting

    Patch committed as 5339ab459702e554592fa6cd851a2d03c38c20b8.

    Thanks!

     
  • Lars Tobias Skjong-Børsting

    • status: open --> closed
    • Group: -->
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks