8 Dec
2010
8 Dec
'10
11:06 a.m.
BugLink: http://launchpad.net/bugs/668487
Possible buffer overrun if the number of "card" and "device" are absurdly high, especially on 64-bit platforms.
Signed-off-by: David Henningsson david.henningsson@canonical.com --- src/pcm/pcm_hw.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/pcm/pcm_hw.c b/src/pcm/pcm_hw.c index 9d243d5..ce74ad4 100644 --- a/src/pcm/pcm_hw.c +++ b/src/pcm/pcm_hw.c @@ -1270,7 +1270,7 @@ int snd_pcm_hw_open(snd_pcm_t **pcmp, const char *name, SNDERR("invalid stream %d", stream); return -EINVAL; } - sprintf(filename, filefmt, card, device); + snprintf(filename, sizeof(filename), filefmt, card, device);
__again: if (attempt++ > 3) {
--
1.7.1
--------------080408060601020802060106--