bug#4763: Buffer overflow in ns_get

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347)

From:	Chong Yidong
Subject:	bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347)
Date:	Fri, 01 Jan 2010 17:11:38 -0500

>    1347   else if (!strncmp(name, "rgb:", 4))  /* A newer X11 format
> -- rgb:r/g/b */
>    1348     {
>    1349       strcpy(hex, name + 4);
>    1350       scaling = (strlen(hex) - 2) / 3;
>    1351     }
>
> strcpy will happily overwrite the bounds of hex.

Thanks for catching this.  I've checked in a fix.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#4763: Buffer overflow in ns_get_color (nsterm.m:1347), Chong Yidong <=

Prev by Date: bug#5289: 23.1.90; gnus vs. scrollbar when message fills whole window
Next by Date: bug#3296: crash in ediff
Previous by thread: bug#5289: 23.1.90; gnus vs. scrollbar when message fills whole window
Next by thread: bug#3296: crash in ediff
Index(es):
- Date
- Thread