[balsa] Fix buffer overflow and missing include



commit 0baad1fb0ee3266b7cd2b9900dc5e78f494011e7
Author: Albrecht Dreß <albrecht dress arcor de>
Date:   Tue Dec 18 19:29:31 2018 -0500

    Fix buffer overflow and missing include
    
    * libbalsa/folder-scanners.c: fix missing include on old systems
      which do not indirectly import string.h, remove obsolete macro
    * libbalsa/libbalsa.c: fix one-byte buffer overflow in
      x509_fingerprint()
    
    Signed-off-by: Peter Bloomfield <PeterBloomfield bellsouth net>

 ChangeLog                  | 9 +++++++++
 libbalsa/folder-scanners.c | 5 +----
 libbalsa/libbalsa.c        | 2 +-
 3 files changed, 11 insertions(+), 5 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 4f08ef2b0..cce6e7577 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2018-12-18  Albrecht Dreß  <albrecht dress arcor de>
+
+       Fix buffer overflow and missing include
+
+       * libbalsa/folder-scanners.c: fix missing include on old systems
+         which do not indirectly import string.h, remove obsolete macro
+       * libbalsa/libbalsa.c: fix one-byte buffer overflow in
+         x509_fingerprint()
+
 2018-12-18  Albrecht Dreß  <albrecht dress arcor de>
 
        SMTP, POP: fall back to auth w/ password if GSS failed
diff --git a/libbalsa/folder-scanners.c b/libbalsa/folder-scanners.c
index 634af73ce..a3e703725 100644
--- a/libbalsa/folder-scanners.c
+++ b/libbalsa/folder-scanners.c
@@ -22,6 +22,7 @@
 #endif                          /* HAVE_CONFIG_H */
 #include "folder-scanners.h"
 
+#include <string.h>
 #include <glib/gstdio.h>
 
 #include "libbalsa.h"
@@ -30,10 +31,6 @@
 #include "imap-commands.h"
 #include "imap-server.h"
 
-#ifndef PATH_MAX
-#define PATH_MAX _POSIX_PATH_MAX
-#endif
-
 typedef void (*local_scanner_helper) (gpointer rnode,
                                       const gchar * prefix,
                                       LocalCheck check_local_path,
diff --git a/libbalsa/libbalsa.c b/libbalsa/libbalsa.c
index 090a0fcff..a93826658 100644
--- a/libbalsa/libbalsa.c
+++ b/libbalsa/libbalsa.c
@@ -525,7 +525,7 @@ x509_fingerprint(gnutls_x509_crt_t cert)
 
     buf_size = 20U;
     g_message("%d", gnutls_x509_crt_get_fingerprint(cert, GNUTLS_DIG_SHA1, sha1_buf, &buf_size));
-    str_buf = g_malloc0(60U);
+    str_buf = g_malloc0(61U);
     for (n = 0; n < 20; n++) {
        sprintf(&str_buf[3 * n], "%02x:", sha1_buf[n]);
     }
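Review bot: The return value of `gnutls_x509_crt_get_fingerprint()` is only printed through `g_message("%d", ...)` and never tested, so if the call fails the loop still formats 20 bytes of `sha1_buf`, which may then be uninitialised (its declaration is outside the hunk). Consider storing the result and returning early when it is negative, instead of logging a bare number. The new size 61 is correct (20 × 3 characters plus the NUL written by the last `sprintf`), but it is still a hand-computed constant tied to the loop bound and the format width. Deriving it, e.g. `str_buf = g_malloc0(3U * buf_size + 1U);` with `n < buf_size` in the loop, would stop the three values drifting apart again. The body of `x509_fingerprint()` starts and ends outside this hunk.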

