Skip to content
Snippets Groups Projects
Commit d3275f49 authored by Birte Kristina Friesel's avatar Birte Kristina Friesel
Browse files

feh_printf: Fix buffer overflow when handling unknown format specifiers

parent 2cbfb7ee
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
ChangeLog
+ 3
0
View file @ d3275f49
...@@ -10,6 +10,9 @@ git HEAD ...@@ -10,6 +10,9 @@ git HEAD
in it, and as I do not have the time to take over giblib development, in it, and as I do not have the time to take over giblib development,
importing the library seems to be the best solution. importing the library seems to be the best solution.
* Fix/improve --randomize for short filelists (closes #151) * Fix/improve --randomize for short filelists (closes #151)
* Fix a buffer overflow in the printf implementation when handling unknown
format specifiers (affects --action, --customlist, --index-info, --info,
--thumb-title and --title)
Sun, 27 Apr 2014 20:28:02 +0200 Daniel Friesel <derf+feh@finalrewind.org> Sun, 27 Apr 2014 20:28:02 +0200 Daniel Friesel <derf+feh@finalrewind.org>
......
src/slideshow.c
+ 2
1
View file @ d3275f49
...@@ -584,7 +584,8 @@ char *feh_printf(char *str, feh_file * file, winwidget winwid) ...@@ -584,7 +584,8 @@ char *feh_printf(char *str, feh_file * file, winwidget winwid)
break; break;
default: default:
weprintf("Unrecognized format specifier %%%c", *c); weprintf("Unrecognized format specifier %%%c", *c);
strncat(ret, c - 1, 2); if ((strlen(ret) + 3) < sizeof(ret))
strncat(ret, c - 1, 2);
break; break;
} }
} else if ((*c == '\\') && (*(c+1) != '\0') && ((strlen(ret) + 3) < sizeof(ret))) { } else if ((*c == '\\') && (*(c+1) != '\0') && ((strlen(ret) + 3) < sizeof(ret))) {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment