[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D c

From: Jim Meyering
Subject: Re: [Findutils-patches] [PATCH] ftsfind.c: avoid buffer overflow in -D code
Date: Mon, 9 Jul 2018 08:23:21 -0700

On Mon, Jul 9, 2018 at 5:57 AM, Bernhard Voelker
<address@hidden> wrote:
> On 07/08/2018 06:19 AM, Jim Meyering wrote:
>> On Sat, Jul 7, 2018 at 4:13 PM, Bernhard Voelker
>> <address@hidden> wrote:
>>> -  static char buf[10];
>>> +  static char buf[14];
>> Or maybe this, since you already use the intprops module, just add
>> this somewhere prior: #include "intprops.h"
>>   static char buf[1 + INT_BUFSIZE_BOUND (info) + 1];
> Even better, thanks!
> I wrapped that into the attached patch in your name ... pushing soon.

Thanks. Actually, we must not rely on it being already available due
to a transitive dependency.
Instead, I suggest to make the dependency on this gnulib module
explicit by adding its name to bootstrap.conf:

Attachment: also-add-intprops-dep.diff
Description: Binary data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]