Fix a couple of potential buffer overflows

author Reuben Thomas <rrt@sc3d.org>

Wed, 11 Sep 2019 18:46:53 +0000 (19:46 +0100)

committer Reuben Thomas <rrt@sc3d.org>

Wed, 11 Sep 2019 18:46:53 +0000 (19:46 +0100)
author Reuben Thomas <rrt@sc3d.org>
Wed, 11 Sep 2019 18:46:53 +0000 (19:46 +0100)
committer Reuben Thomas <rrt@sc3d.org>
Wed, 11 Sep 2019 18:46:53 +0000 (19:46 +0100)
diff --git a/src/java.c b/src/java.c

index 05367f16d7e7799d770de66f687a3ed50c60f50d..4bb8bc98d0f12d3576719129a15ca09870f3e909 100644 (file)
--- a/src/java.c
+++ b/src/java.c
@@ -88,7 +88,7 @@ transform_utf16_java (RECODE_SUBTASK subtask)
        put_byte (value, subtask);
      else
        {
-        char buffer[7];
+        char buffer[11];
          char *cursor;
  
          sprintf (buffer, "\\u%04x", value);
diff --git a/src/testdump.c b/src/testdump.c

index ff2ee9d84a94d956502669f5700a8e9e80392de9..bd4583727532bbf46aacf06ac30daf37dfe8d04b 100644 (file)
--- a/src/testdump.c
+++ b/src/testdump.c
@@ -254,7 +254,7 @@ produce_count (RECODE_SUBTASK subtask)
               delayed--;
             }
  
-       sprintf (buffer, "%*u  %.4X", (int)count_width, (*cursor)->count, character);
+       snprintf (buffer, sizeof(buffer), "%*u  %.4X", (int)count_width, (*cursor)->count, character);
          put_string (buffer, subtask);
         if (mnemonic)
           {
author	Reuben Thomas <rrt@sc3d.org>
	Wed, 11 Sep 2019 18:46:53 +0000 (19:46 +0100)
committer	Reuben Thomas <rrt@sc3d.org>
	Wed, 11 Sep 2019 18:46:53 +0000 (19:46 +0100)
src/java.c		patch \| blob \| history
src/testdump.c		patch \| blob \| history