Buffer overflow in makeinfo/sectioning.c

bug-texinfo

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Buffer overflow in makeinfo/sectioning.c

From:	Dr. Werner Fink
Subject:	Buffer overflow in makeinfo/sectioning.c
Date:	Mon, 19 Nov 2012 15:50:53 +0100
User-agent:	Mutt/1.5.21 (2010-09-15)

Hi,

in the function current_chapter_number() there is a buffer overflow
which is fixed by this patch:

--------------------------* snip *---------------------------------
--- makeinfo/sectioning.c
+++ makeinfo/sectioning.c       2012-11-19 14:10:54.639587164 +0000
@@ -256,7 +256,7 @@ current_chapter_number (void)
     return xstrdup ("");
   else if (enum_marker == APPENDIX_MAGIC)
     {
-      char s[1];
+      char s[2];
       sprintf (s, "%c", numbers[0] + 64);
       return xstrdup (s);
     }
--------------------------* snap *---------------------------------

Werner

-- 
  "Having a smoking section in a restaurant is like having
          a peeing section in a swimming pool." -- Edward Burr

[Prev in Thread]

Current Thread

[Next in Thread]

Buffer overflow in makeinfo/sectioning.c, Dr. Werner Fink <=
- Re: Buffer overflow in makeinfo/sectioning.c, Sergey Poznyakoff, 2012/11/19

Prev by Date: another bug concerning texinfo 4.13.90
Next by Date: Re: Buffer overflow in makeinfo/sectioning.c
Previous by thread: another bug concerning texinfo 4.13.90
Next by thread: Re: Buffer overflow in makeinfo/sectioning.c
Index(es):
- Date
- Thread