From: Paul Eggert Date: Mon, 29 Aug 2011 18:54:11 +0000 (-0700) Subject: * gtkutil.c (xg_check_special_colors, xg_set_geometry): X-Git-Tag: emacs-pretest-24.0.90~104^2~153^2~1^2~24 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=84722b3d573a4ad663f84ed44e212743970a0daf;p=emacs.git * gtkutil.c (xg_check_special_colors, xg_set_geometry): Make sprintf buffers a bit bigger, to avoid potential buffer overrun. --- diff --git a/src/ChangeLog b/src/ChangeLog index 91bcaebb7bb..adf9bb244b8 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -62,6 +62,9 @@ use SAFE_ALLOCA. Use esprintf, not sprintf, in case result does not fit in int. + * gtkutil.c (xg_check_special_colors, xg_set_geometry): + Make sprintf buffers a bit bigger, to avoid potential buffer overrun. + 2011-08-26 Paul Eggert Integer and memory overflow issues (Bug#9196). diff --git a/src/gtkutil.c b/src/gtkutil.c index c39119c8151..5f23d597329 100644 --- a/src/gtkutil.c +++ b/src/gtkutil.c @@ -567,7 +567,7 @@ xg_check_special_colors (struct frame *f, GtkStyleContext *gsty = gtk_widget_get_style_context (FRAME_GTK_OUTER_WIDGET (f)); GdkRGBA col; - char buf[64]; + char buf[sizeof "rgbi://" + 3 * (DBL_MAX_10_EXP + sizeof "-1.000000" - 1)]; int state = GTK_STATE_FLAG_SELECTED|GTK_STATE_FLAG_FOCUSED; if (get_fg) gtk_style_context_get_color (gsty, state, &col); @@ -797,7 +797,7 @@ xg_set_geometry (FRAME_PTR f) int xneg = f->size_hint_flags & XNegative; int top = f->top_pos; int yneg = f->size_hint_flags & YNegative; - char geom_str[32]; + char geom_str[sizeof "=x--" + 4 * INT_STRLEN_BOUND (int)]; if (xneg) left = -left;