projects / platform / core / telephony / libtcore.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: eb03a2e)
Fix buffer overflow issue 43/139843/1 accepted/tizen_4.0_unified tizen_4.0 tizen_4.0_tv accepted/tizen/4.0/unified/20170816.013044 accepted/tizen/4.0/unified/20170829.020144 accepted/tizen/unified/20170725.173343 submit/tizen/20170724.013542 submit/tizen_4.0/20170811.094300 submit/tizen_4.0/20170828.100004 tizen_4.0.IoT.p1_release tizen_4.0.IoT.p2_release tizen_4.0.m2_release
authorsinikang <sinikang@samsung.com>
Thu, 20 Jul 2017 23:09:59 +0000 (08:09 +0900)
committersinikang <sinikang@samsung.com>
Thu, 20 Jul 2017 23:09:59 +0000 (08:09 +0900)
 In case of using strncat() function,
 should check the avaliable length of dest buffer

Change-Id: I8bb9d590802e8838a09fad90304906bbcee6adbb

packaging/libtcore.spec patch | blob | history
src/util.c patch | blob | history

diff --git a/packaging/libtcore.spec b/packaging/libtcore.spec
index c51af18..7f8209b 100644 (file)
--- a/packaging/libtcore.spec
+++ b/packaging/libtcore.spec
@@ -1,6 +1,6 @@
 %define major 0
 %define minor 3
-%define patchlevel 18
+%define patchlevel 19
 
 Name:           libtcore
 Version:        %{major}.%{minor}.%{patchlevel}
diff --git a/src/util.c b/src/util.c
index fbc17b8..dc83798 100644 (file)
--- a/src/util.c
+++ b/src/util.c
@@ -1568,7 +1568,7 @@ void tcore_util_hex_dump(const char *pad, int size, const void *data)
                                memset(buf, 0, 255);
                                snprintf(buf, 255, "%s%04X: ", pad, i + 1);
                        } else
-                               strncat(buf, TAB_SPACE, strlen(TAB_SPACE));
+                               strncat(buf, TAB_SPACE, sizeof(buf) - strnlen(buf, sizeof(buf)) - 1);
                }
        }
 
Domain: Network & Connectivity / Telephony; Licenses: Apache-2.0;