[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D c
Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D code
Mon, 9 Jul 2018 08:23:21 -0700
On Mon, Jul 9, 2018 at 5:57 AM, Bernhard Voelker
> On 07/08/2018 06:19 AM, Jim Meyering wrote:
>> On Sat, Jul 7, 2018 at 4:13 PM, Bernhard Voelker
>> <address@hidden> wrote:
>>> - static char buf;
>>> + static char buf;
>> Or maybe this, since you already use the intprops module, just add
>> this somewhere prior: #include "intprops.h"
>> static char buf[1 + INT_BUFSIZE_BOUND (info) + 1];
> Even better, thanks!
> I wrapped that into the attached patch in your name ... pushing soon.
Thanks. Actually, we must not rely on it being already available due
to a transitive dependency.
Instead, I suggest to make the dependency on this gnulib module
explicit by adding its name to bootstrap.conf:
Description: Binary data