[PATCH] Fix possible sprintf overrun in snd_pcm_hw_open
David Henningsson
david.henningsson at canonical.com
Wed Dec 8 11:06:59 CET 2010
BugLink: http://launchpad.net/bugs/668487
Possible buffer overrun if the number of "card" and "device"
are absurdly high, especially on 64-bit platforms.
Signed-off-by: David Henningsson <david.henningsson at canonical.com>
---
src/pcm/pcm_hw.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/pcm/pcm_hw.c b/src/pcm/pcm_hw.c
index 9d243d5..ce74ad4 100644
--- a/src/pcm/pcm_hw.c
+++ b/src/pcm/pcm_hw.c
@@ -1270,7 +1270,7 @@ int snd_pcm_hw_open(snd_pcm_t **pcmp, const char *name,
SNDERR("invalid stream %d", stream);
return -EINVAL;
}
- sprintf(filename, filefmt, card, device);
+ snprintf(filename, sizeof(filename), filefmt, card, device);
__again:
if (attempt++ > 3) {
--
1.7.1
--------------080408060601020802060106--
More information about the Alsa-devel
mailing list