From 97706e365154f82f582aec1e4c822315a5263f38 Mon Sep 17 00:00:00 2001 From: Matthew Fernandez Date: Sun, 21 Feb 2021 19:01:10 -0800 Subject: [PATCH] fix buffer overflow in unflatten GCC 8.3.0 with -Wformat-overflow is capable of noticing that the sprintf in this function can overflow the target buffer. --- CHANGELOG.md | 1 + cmd/tools/unflatten.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b7f6751d..9edd5002b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - broken sorting in nearest_neighbor_graph_ann.cpp #1938 - memory leak in ANN bridge - gvpr on Windows does not support absolute paths #1780 +- buffer overflow in unflatten ## [2.46.1] - 2021-02-13 diff --git a/cmd/tools/unflatten.c b/cmd/tools/unflatten.c index 2cf8ffafe..9639c1c59 100644 --- a/cmd/tools/unflatten.c +++ b/cmd/tools/unflatten.c @@ -63,7 +63,7 @@ static int ischainnode(Agnode_t * n) static void adjustlen(Agedge_t * e, Agsym_t * sym, int newlen) { - char buf[10]; + char buf[12]; sprintf(buf, "%d", newlen); agxset(e, sym, buf); -- 2.40.0