
Potential buffer overrun

Open igsol opened this issue 7 years ago • 1 comments

During version 2.0 compilation the following warning happens:

hstr.c:827:37: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=]
     snprintf(screenLine, width, " %s", buffer);
                                     ^
In file included from /usr/include/stdio.h:873,
                 from /usr/include/curses.h:183,
                 from include/hstr.h:29,
                 from hstr.c:21:
/usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 2 and 2049 bytes into a destination of size 2048
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Obviously the buffer size should be increased or code refined.

Thanks for the nice tool anyway :+1:

igsol, Nov 21 '18 20:11

Shame on me - thank you for reporting it :+1:

dvorka, Dec 02 '18 17:12
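Added example, not part of the original issue and not hstr's own code: the warning above concerns a `snprintf(dst, size, " %s", text)` call whose output can be one byte longer than the 2048-byte destination, so the line is cut short rather than written past the buffer. The sketch below shows how the return value exposes that case; `format_line` and `LINE_SIZE` are hypothetical names, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

#define LINE_SIZE 2048 /* destination size reported in the warning (assumed here) */

/* Hypothetical helper: writes " <text>" into dst, which holds dst_size bytes.
 * Returns 0 if the whole line fit, 1 if it was truncated, -1 on error.
 * snprintf never writes more than dst_size bytes and always NUL-terminates
 * when dst_size > 0; its return value is the length the full output would
 * have had, so needed >= dst_size means characters were dropped.
 * GCC's level-1 -Wformat-truncation targets calls that ignore this value. */
int format_line(char *dst, size_t dst_size, const char *text)
{
    if (dst == NULL || dst_size == 0 || text == NULL)
        return -1;

    int needed = snprintf(dst, dst_size, " %s", text);
    if (needed < 0) {          /* encoding/output error */
        dst[0] = '\0';
        return -1;
    }
    return (size_t)needed >= dst_size ? 1 : 0;
}

int main(void)
{
    char line[LINE_SIZE];
    char longest[LINE_SIZE];   /* constructed input: 2047 characters + NUL */

    memset(longest, 'x', sizeof longest - 1);
    longest[sizeof longest - 1] = '\0';

    /* " " + 2047 chars + NUL = 2049 bytes, one more than the destination. */
    int rc = format_line(line, sizeof line, longest);
    printf("long input:  rc=%d, stored length=%zu\n", rc, strlen(line));

    rc = format_line(line, sizeof line, "ls -la");
    printf("short input: rc=%d, line=\"%s\"\n", rc, line);
    return 0;
}
```
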