From 6b06431e9bcbef2eb1126dda01a68d4a81f0825e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Sun, 11 Aug 2013 15:24:47 +0200
Subject: core: Fix a possible buffer overflow using getself_name().

If the passed buffer is smaller than MAX_NAME_LENGTH then, you
will probably overflow it.
---
 core/Messenger.h | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'core/Messenger.h')

diff --git a/core/Messenger.h b/core/Messenger.h
index fa69d104..aa9611a4 100644
--- a/core/Messenger.h
+++ b/core/Messenger.h
@@ -196,10 +196,18 @@ int m_sendaction(Messenger *m, int friendnumber, uint8_t *action, uint32_t lengt
    return -1 if failure */
 int setname(Messenger *m, uint8_t *name, uint16_t length);
 
-/* get our nickname
-   put it in name
-   return the length of the name*/
-uint16_t getself_name(Messenger *m, uint8_t *name);
+/**
+ * @brief Get your nickname.
+ *
+ * @param[in]  m        The messanger context to use.
+ *
+ * @param[inout]  name    Pointer to a string for the name.
+ *
+ * @param[in]  nlen     The length of the string buffer.
+ *
+ * @return Return the length of the name, 0 on error.
+ */
+uint16_t getself_name(Messenger *m, uint8_t *name, uint16_t nlen);
 
 /* get name of friendnumber
     put it in name
-- 
cgit v1.2.3