From 6b06431e9bcbef2eb1126dda01a68d4a81f0825e Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Sun, 11 Aug 2013 15:24:47 +0200 Subject: core: Fix a possible buffer overflow using getself_name(). If the passed buffer is smaller than MAX_NAME_LENGTH then, you will probably overflow it. --- testing/toxic/chat.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'testing/toxic/chat.c') diff --git a/testing/toxic/chat.c b/testing/toxic/chat.c index 112b20b7..59b13492 100644 --- a/testing/toxic/chat.c +++ b/testing/toxic/chat.c @@ -210,7 +210,7 @@ void execute(ToxWindow *self, ChatContext *ctx, Messenger *m, char *cmd, struct wattroff(ctx->history, COLOR_PAIR(2)); uint8_t selfname[MAX_NAME_LENGTH]; - int len = getself_name(m, selfname); + int len = getself_name(m, selfname, sizeof(selfname)); char msg[MAX_STR_SIZE-len-4]; snprintf(msg, sizeof(msg), "* %s %s\n", (uint8_t*) selfname, action); -- cgit v1.2.3