|Subject:||[XBoard-devel] Buffer overflow|
|Date:||Thu, 22 Dec 2011 20:22:31 +0100|
|User-agent:||Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:220.127.116.11) Gecko/20110922 Thunderbird/3.1.15|
You cannot have something of possibly unlimited size in a static buffer, so I suggest that PGNTagsStatic is removed. PGNTags() can then allocate a big eneogh buffer and do the work itself. PrintPGNTags() doesn't need a buffer, but can print directly to the file.
The "guilty" function is strcat() which is used in many places, so it is probably a good idea to check all uses of strcat.
However there is no reason to replace all occurences of strcat with something else like it is done with strcpy(). I find it a little silly to see calls to safeStrCpy instead of strcpy when you have just allocated a new buffer of the required size, so strcpy would be perfectly safe to use.
|[Prev in Thread]||Current Thread||[Next in Thread]|