[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347)
From: |
Chong Yidong |
Subject: |
bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347) |
Date: |
Fri, 01 Jan 2010 17:11:38 -0500 |
> 1347 else if (!strncmp(name, "rgb:", 4)) /* A newer X11 format
> -- rgb:r/g/b */
> 1348 {
> 1349 strcpy(hex, name + 4);
> 1350 scaling = (strlen(hex) - 2) / 3;
> 1351 }
>
> strcpy will happily overwrite the bounds of hex.
Thanks for catching this. I've checked in a fix.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347),
Chong Yidong <=