[vlc-devel] [PATCH] Fix Hurd build
Rémi Denis-Courmont
remi at remlab.net
Tue Apr 26 21:12:04 CEST 2016
On Tuesday 26 April 2016 20:27:13 Samuel Thibault wrote:
> Rémi Denis-Courmont, on Tue 26 Apr 2016 10:00:39 +0200, wrote:
> > >+ long path_max = pathconf (".", _PC_PATH_MAX);
> > >+ size_t maxsize = (path_max == -1 || path_max > 4096) ? 4096 :
> > >path_max;
> > >+ char fname[BLOCKSIZE + maxsize];
> >
> > Looks like we have a stack buffer overflow here, with or without the
> > patch.
>
> You mean because PATH_MAX is big? Right, I have turned that into
> dynamic allocation.
I mean the following sprintf(). Maybe there was a nonobvious way to prevent
overflow, but I don´t see it.
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list