Attached is a patch to fix another potential stack buffer overflow in s_main.c. I didn't send this over in private because I don't think it can be exploited in any useful way, so it's just a small bug.
Logged In: YES
user_id=27104
Originator: NO
I am guessing there is a typo in that patch, since the new line also uses sprintf() instead of snprintf():
- sprintf(filename, "%s.dll", sys_externalschedlibname);
+ sprintf(filename, sizeof(filename), "%s.dll", sys_externalschedlibname);
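Review bot: the `+` line still calls sprintf(), so the inserted sizeof(filename) lands in the format-string parameter and "%s.dll" becomes the first variadic argument; a compiler will reject or warn about an integer passed where a const char * is expected, and at runtime the size would be dereferenced as a pointer. The line should read `+ snprintf(filename, sizeof(filename), "%s.dll", sys_externalschedlibname);`. Since this code is only compiled under MSW (per the originator's follow-up), also note that the older MSVC _snprintf() does not NUL-terminate on truncation and returns -1, so the call should check its return value and terminate the buffer explicitly, or reject an over-long sys_externalschedlibname before the name is built, rather than proceeding with a silently truncated path.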
filename overflow fix
Logged In: YES
user_id=1942915
Originator: YES
File Added: filename_overflow.patch2.txt
Logged In: YES
user_id=1942915
Originator: YES
I'm sorry for the stupid typo. That code is actually only compiled in for a Windows build (whenever MSW is defined), so I didn't notice.
Logged In: YES
user_id=1942915
Originator: YES
Also, let me just clarify my original summary just a little bit.
You can cause the overrun of the buffer by providing a really long input string to the -schedlib command line option. It's just not exploitable in such a way that it would be considered a security issue.
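The pattern discussed in this thread (a fixed-size stack buffer filled from the -schedlib argument with an unbounded sprintf()) and the bounded replacement with a truncation check, as an added example. This is constructed illustration code, not Pure Data's own s_main.c: the buffer size FILENAME_BUFSZ, the function names build_schedlib_filename / demo_short / demo_long, and the sample library names are all assumptions chosen so the overflow case is easy to exercise.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example, not Pure Data's own code. A small buffer is used here
 * so that an over-long name trips the bound quickly; the real buffer size in
 * s_main.c is not stated in the thread and is not assumed here. */
#define FILENAME_BUFSZ 32

/* Vulnerable shape from the bug report, kept only as documentation and never
 * compiled in: sprintf() has no bound, so a libname longer than the buffer
 * writes past the end of the stack frame. */
#if 0
static void build_schedlib_filename_unsafe(char *filename, const char *libname)
{
    sprintf(filename, "%s.dll", libname);
}
#endif

/* Fixed shape: bounded write plus an explicit truncation check.
 * Returns 0 on success, -1 if the result does not fit. C99 snprintf() always
 * NUL-terminates when outsz > 0, but it reports the length it *wanted* to
 * write, so a silently truncated path would still be wrong; refuse it instead
 * of handing a mangled name to the loader. (Older MSVC _snprintf() returns -1
 * and may not terminate on truncation; the n < 0 branch and the explicit
 * out[0] = '\0' cover that case too.) */
int build_schedlib_filename(char *out, size_t outsz, const char *libname)
{
    if (out == NULL || outsz == 0 || libname == NULL)
        return -1;
    int n = snprintf(out, outsz, "%s.dll", libname);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';   /* leave a harmless empty string, not a partial path */
        return -1;
    }
    return 0;
}

/* A normal scheduler library name: fits comfortably. */
int demo_short(char *out, size_t outsz)
{
    return build_schedlib_filename(out, outsz, "myscheduler");
}

/* A constructed over-long name, standing in for a very long -schedlib
 * argument: must be rejected, never written past the buffer. */
int demo_long(char *out, size_t outsz)
{
    char longname[FILENAME_BUFSZ * 4];
    memset(longname, 'A', sizeof(longname) - 1);
    longname[sizeof(longname) - 1] = '\0';
    return build_schedlib_filename(out, outsz, longname);
}

int main(void)
{
    char filename[FILENAME_BUFSZ];
    int rc = demo_short(filename, sizeof filename);
    printf("short: rc=%d -> \"%s\"\n", rc, filename);
    rc = demo_long(filename, sizeof filename);
    printf("long:  rc=%d -> \"%s\"\n", rc, filename);
    return 0;
}
```

The return-value check matters as much as the switch to snprintf(): with a 32-byte buffer a 27-character name plus ".dll" is the longest value that fits (31 characters and the terminator), and a 28-character name is refused rather than truncated to something that still ends in ".dll" by coincidence.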
Logged In: YES
user_id=27104
Originator: NO
checked into branch-v0-40-extended
Logged In: YES
user_id=313747
Originator: NO
taken.
Logged In: YES
user_id=1312539
Originator: NO
This Tracker item was closed automatically by the system. It was
previously set to a Pending status, and the original submitter
did not respond within 14 days (the time period specified by
the administrator of this Tracker).