Skip to content

Commit

Permalink
GetInstallDir: fix buffer overflow
Browse files Browse the repository at this point in the history 
strlen(3) will return length of input, not including terminating NUL
character. And strcpy(3) will copy the included NUL character.
Thus, we'll get buffer overflow for 1 character.

Fix it.
  • Loading branch information
@sgn @nikp123
sgn authored and nikp123 committed Aug 27, 2020
1 parent be8caac commit 3d8d271
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/shared.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ char *xavaGetInstallDir() {
path[strlen(path)-executableNameSize] = '\0';
#else
// everything non-windows is simple as fuck, go look at the mess above
const char *path = malloc(strlen(PREFIX"/share/"PACKAGE"/"));
const char *path = malloc(strlen(PREFIX"/share/"PACKAGE"/") + 1);
strcpy(path, PREFIX"/share/"PACKAGE"/");
#endif
return path;
Expand Down

0 comments on commit 3d8d271

Please sign in to comment.