From 78047e8d2bc1e5ca10157870323614f4d3a9b0c7 Mon Sep 17 00:00:00 2001 From: "Mun, Gwan-gyeong" Date: Mon, 14 Mar 2016 18:03:20 +0900 Subject: [PATCH] Replace vulnerable function 'sprintf' to 'snprintf on coregl_fastpath_egl.c Change-Id: Idabe5f0a01f44ca8e00217d870847966dcd9a8fa --- src/modules/fastpath/coregl_fastpath_egl.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/modules/fastpath/coregl_fastpath_egl.c b/src/modules/fastpath/coregl_fastpath_egl.c index ad74335..44a413e 100644 --- a/src/modules/fastpath/coregl_fastpath_egl.c +++ b/src/modules/fastpath/coregl_fastpath_egl.c @@ -840,7 +840,8 @@ fastpath_eglCreateContext(EGLDisplay dpy, EGLConfig config, char ment[256]; add_to_general_trace_list(&glue_ctx_trace_list, newgctx); - sprintf(ment, "eglCreateContext completed (GlueCTX=[%12p])", newgctx); + snprintf(ment, sizeof(ment), "eglCreateContext completed (GlueCTX=[%12p])", + newgctx); _dump_context_info(ment, 1); } #endif // COREGL_FASTPATH_TRACE_CONTEXT_INFO @@ -941,7 +942,8 @@ finish: #ifdef COREGL_FASTPATH_TRACE_CONTEXT_INFO if (unlikely(trace_ctx_flag == 1)) { char ment[256]; - sprintf(ment, "eglDestroyContext completed (GlueCTX=[%12p])", ctx); + snprintf(ment, sizeof(ment), "eglDestroyContext completed (GlueCTX=[%12p])", + ctx); _dump_context_info(ment, 1); } #endif // COREGL_FASTPATH_TRACE_CONTEXT_INFO @@ -1147,7 +1149,7 @@ fastpath_eglMakeCurrent(EGLDisplay dpy, EGLSurface draw, EGLSurface read, } // Check if the object is correct - if (gctx->magic != MAGIC_GLFAST) { + if (gctx && (gctx->magic != MAGIC_GLFAST)) { COREGL_ERR("\E[40;31;1mGlue-CTX Magic Check Failed!!! (Memory broken?)\E[0m\n"); ret = EGL_FALSE; goto finish; @@ -1247,8 +1249,9 @@ finish: #ifdef COREGL_FASTPATH_TRACE_CONTEXT_INFO if (unlikely(trace_ctx_flag == 1)) { char ment[256]; - sprintf(ment, "eglMakeCurrent finished (GlueCTX=[%12p] Surf=[D:%12p R:%12p])", - ctx, draw, read); + snprintf(ment, sizeof(ment), + "eglMakeCurrent finished (GlueCTX=[%12p] Surf=[D:%12p R:%12p])", + ctx, draw, read); _dump_context_info(ment, 0); } #endif // COREGL_FASTPATH_TRACE_CONTEXT_INFO -- 2.7.4