From 8a731c3a544fb50b259610db3bdcb8acbe3bc9e4 Mon Sep 17 00:00:00 2001
From: Gwanglim Lee <gl77.lee@samsung.com>
Date: Thu, 14 Dec 2017 11:40:46 +0900
Subject: [PATCH] e_comp: added buffer size check code to avoid buffer overflow
 when socket init

Change-Id: I196487ccde9f6615b22494ce9942f6b0d20e6dfd
---
 src/bin/e_comp.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/bin/e_comp.c b/src/bin/e_comp.c
index 3dda346857..e874e0d252 100644
--- a/src/bin/e_comp.c
+++ b/src/bin/e_comp.c
@@ -1117,8 +1117,9 @@ e_comp_socket_init(const char *name)
    int res;
    E_Config_Socket_Access *sa = NULL;
    Eina_List *l = NULL;
+   int l_dir, l_name;
 #undef STRERR_BUFSIZE
-#define STRERR_BUFSIZE 128
+#define STRERR_BUFSIZE 1024
    char buf[STRERR_BUFSIZE];
 
    if (!name) return EINA_FALSE;
@@ -1126,6 +1127,18 @@ e_comp_socket_init(const char *name)
    dir = e_util_env_get("XDG_RUNTIME_DIR");
    if (!dir) return EINA_FALSE;
 
+   /* check whether buffer size is less than concatenated string which
+    * is made of XDG_RUNTIME_DIR, '/', socket name and NULL.
+    */
+   l_dir = strlen(dir);
+   l_name = strlen(name);
+   if ((l_dir + l_name + 2) > STRERR_BUFSIZE)
+     {
+        ERR("Size of buffer is not enough. dir:%s name:%s",
+            dir, name);
+        return EINA_FALSE;
+     }
+
    snprintf(socket_path, sizeof(socket_path), "%s/%s", dir, name);
    free(dir);
 
-- 
2.34.1