Follow-up Comment #13, bug #66142 (group screen): Hello, original bug reporter here.
I tried your patch, and it DOES fix the issue, even when compiling with
D_FORTIFY_SRC=3, at least for the '-X stuff' command. Thanks!
However, I think there are other places in the code that might have similar
issues at runtime if they follow the same pattern of buffer usage.
[comment #12 comment #12:]
> [comment #10 comment #10:]
>> I'm getting the same error even in version compiled from tarball, using
>> commands from comment #0.
>>
>> Tested on Lubuntu 24.04.1 - 6.8.0-41-generic #41-Ubuntu SMP PREEMPT_DYNAMIC
>> x86_64
>
> Can you try this patch?
> --- a/src/attacher.c
> +++ b/src/attacher.c
> @@ -462,7 +462,7 @@ void SendCmdMessage(char *sty, char *match, char **av,
> int query)
> len = strlen(*av) + 1;
> if (p + len >= m.m.command.cmd + ARRAY_SIZE(m.m.command.cmd) - 1)
> break;
> - strncpy(p, *av, MAXPATHLEN);
> + strncpy(p, *av, MAXPATHLEN-len);
> p += len;
> }
> *p = 0;
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?66142>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
