Commit cb72901d authored by Alan Coopersmith's avatar Alan Coopersmith Committed by Akira TAGOH

Leave room for null terminators in arrays

Code currently returns a fatal error if it tries to add more entries
than the array has room for, but it wasn't checking to make sure
the final null terminator entry would fit.

Reported by parfait 1.3:
Error: Buffer overrun
   Buffer overflow (CWE 120): In array dereference of files[i] with index i
      Array size is 256 elements (of 4 bytes each), index >= 0 and index <= 256
        at line 250 of fc-glyphname/fc-glyphname.c in function 'main'.
Error: Buffer overrun
   Buffer overflow (CWE 120): In array dereference of entries[i] with index i
      Array size is 1024 elements (of 8 bytes each), index >= 0 and index <= 1024
        at line 298 of fc-lang/fc-lang.c in function 'main'.
Signed-off-by: Alan Coopersmith's avatarAlan Coopersmith <alan.coopersmith@oracle.com>
parent 767108aa
......@@ -233,7 +233,7 @@ dump (FcGlyphName * const *table, const char *name)
int
main (int argc FC_UNUSED, char **argv)
{
char *files[MAX_GLYPHFILE];
char *files[MAX_GLYPHFILE + 1];
char line[1024];
FILE *f;
int i;
......
......@@ -254,7 +254,7 @@ static int compare (const void *a, const void *b)
int
main (int argc FC_UNUSED, char **argv)
{
static Entry entries[MAX_LANG];
static Entry entries[MAX_LANG + 1];
static FcCharSet *sets[MAX_LANG];
static int duplicate[MAX_LANG];
static int country[MAX_LANG];
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment