summaryrefslogtreecommitdiff
path: root/user/tigervnc/0002-vncviewer-Ensure-buffer-always-has-0-termination.patch
blob: 3072ca02041687020be2c66eb68ae963860c45ee (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
From f01feaa6d235b40e659bf808ce66acc2b9a93da1 Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Wed, 20 Mar 2019 13:28:36 -0500
Subject: [PATCH 2/2] vncviewer: Ensure buffer always has \0 termination
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Building from the 1.9.0 tarball using GCC 8.3.0 on Linux yields the following:

tigervnc-1.9.0/vncviewer/vncviewer.cxx: In function ‘int main(int, char**)’:
tigervnc-1.9.0/vncviewer/vncviewer.cxx:527:14: error: ‘char* strncpy(char*, const char*, size_t)’ specified bound 64 equals destination size [-Werror=stringop-truncation]
       strncpy(defaultServerName, configServerName, VNCSERVERNAMELEN);
       ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘void potentiallyLoadConfigurationFile(char*)’,
    inlined from ‘int main(int, char**)’ at tigervnc-1.9.0/vncviewer/vncviewer.cxx:557:35:
tigervnc-1.9.0/vncviewer/vncviewer.cxx:396:14: error: ‘char* strncpy(char*, const char*, size_t)’ specified bound 64 equals destination size [-Werror=stringop-truncation]
       strncpy(vncServerName, newServerName, VNCSERVERNAMELEN);
       ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This commit ensures the buffer always has the null terminator.
---
 vncviewer/vncviewer.cxx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/vncviewer/vncviewer.cxx b/vncviewer/vncviewer.cxx
index d2fe7e00..8ccfe563 100644
--- a/vncviewer/vncviewer.cxx
+++ b/vncviewer/vncviewer.cxx
@@ -402,7 +402,7 @@ potentiallyLoadConfigurationFile(char *vncServerName)
       newServerName = loadViewerParameters(vncServerName);
       // This might be empty, but we still need to clear it so we
       // don't try to connect to the filename
-      strncpy(vncServerName, newServerName, VNCSERVERNAMELEN);
+      strncpy(vncServerName, newServerName, VNCSERVERNAMELEN-1);
     } catch (rfb::Exception& e) {
       vlog.error("%s", e.str());
       if (alertOnFatalError)
@@ -533,7 +533,7 @@ int main(int argc, char** argv)
     const char* configServerName;
     configServerName = loadViewerParameters(NULL);
     if (configServerName != NULL)
-      strncpy(defaultServerName, configServerName, VNCSERVERNAMELEN);
+      strncpy(defaultServerName, configServerName, VNCSERVERNAMELEN-1);
   } catch (rfb::Exception& e) {
     vlog.error("%s", e.str());
     if (alertOnFatalError)
-- 
2.19.2