Opened 13 years ago

Closed 10 years ago

#203 closed defect (fixed)

Unsafe strcat on overlapping strings in owl_zephyr_smartstripped_user

Reported by: Owned by:
Priority: major Milestone:
Component: internals Keywords: straightforward


From owl_zephyr_smartstripped_user:

  realm = strchr(out, '@');
  if (realm) realm[0]='\0';
    strcat(out, realm+1);

This strcat call might read from the same place it’s writing to, which is invalid and could break if strcat is optimized in certain ways.

Change History (3)

comment:1 Changed 11 years ago by

  • Keywords straightforward added

I think this should be easily fixable by appropriate use of g_strdup and/or g_strdup_printf.

comment:2 Changed 10 years ago by

  • Owner set to
  • Status changed from new to assigned

comment:3 Changed 10 years ago by

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.