* bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347)
@ 2009-10-20 6:32 Mike
0 siblings, 0 replies; 2+ messages in thread
From: Mike @ 2009-10-20 6:32 UTC (permalink / raw)
To: emacs-pretest-bug
Package: emacs,ns
1347 else if (!strncmp(name, "rgb:", 4)) /* A newer X11 format
-- rgb:r/g/b */
1348 {
1349 strcpy(hex, name + 4);
1350 scaling = (strlen(hex) - 2) / 3;
1351 }
strcpy will happily overwrite the bounds of hex.
^ permalink raw reply [flat|nested] 2+ messages in thread
* bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347)
@ 2010-01-01 22:11 Chong Yidong
0 siblings, 0 replies; 2+ messages in thread
From: Chong Yidong @ 2010-01-01 22:11 UTC (permalink / raw)
To: Mike; +Cc: 4763
> 1347 else if (!strncmp(name, "rgb:", 4)) /* A newer X11 format
> -- rgb:r/g/b */
> 1348 {
> 1349 strcpy(hex, name + 4);
> 1350 scaling = (strlen(hex) - 2) / 3;
> 1351 }
>
> strcpy will happily overwrite the bounds of hex.
Thanks for catching this. I've checked in a fix.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-01-01 22:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-10-20 6:32 bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347) Mike
-- strict thread matches above, loose matches on Subject: below --
2010-01-01 22:11 Chong Yidong
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).