fix buffer overflow in unflatten

GCC 8.3.0 with -Wformat-overflow is capable of noticing that the sprintf in this
function can overflow the target buffer.

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6b7f6751d45d4f32e9ad40320fd4338a727a5090..9edd5002b7be44529de5888b6d9f9f2de9876aac 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - broken sorting in nearest_neighbor_graph_ann.cpp #1938
 - memory leak in ANN bridge
 - gvpr on Windows does not support absolute paths #1780
+- buffer overflow in unflatten
 
 ## [2.46.1] - 2021-02-13
 

diff --git a/cmd/tools/unflatten.c b/cmd/tools/unflatten.c
index 2cf8ffafea1cf473a1b7734d5b3e905975445ac8..9639c1c59efde542ec2961cec8fb8755a15dc754 100644 (file)
--- a/cmd/tools/unflatten.c
+++ b/cmd/tools/unflatten.c
@@ -63,7 +63,7 @@ static int ischainnode(Agnode_t * n)
 
 static void adjustlen(Agedge_t * e, Agsym_t * sym, int newlen)
 {
-    char buf[10];
+    char buf[12];
 
     sprintf(buf, "%d", newlen);
     agxset(e, sym, buf);