]> granicus.if.org Git - graphviz/commit
projects / graphviz / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 339bdbc) | patch
fix a buffer overflow in string construction
authorMatthew Fernandez <matthew.fernandez@gmail.com>
Sat, 24 Oct 2020 16:17:54 +0000 (09:17 -0700)
committerMatthew Fernandez <matthew.fernandez@gmail.com>
Sat, 31 Oct 2020 01:46:51 +0000 (18:46 -0700)
commitd9dbca415a8181d4437dfafde802753819511217
tree6dfa70fdc3e7635835515b8cba84f5e87c92934dtree | snapshot
parent339bdbc38698c59a53ec00741b1258be7e4b367dcommit | diff
fix a buffer overflow in string construction

The conditional in this code was the wrong way around. So the %s branch could be
taken only when the resulting sprintf would *definitely* overflow the target
buffer. From this we can conclude this branch was never safe and never used
correctly. For simplicity, we remove it, leaving only the %d option. Related to
!1620.
CHANGELOG.md diff | blob | history
lib/fdpgen/layout.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.