Google Git
Sign in
plan9port / plan9 / 94b38bdb722052838eb0d940c05995b870db4ea0
commit94b38bdb722052838eb0d940c05995b870db4ea0[log] [tgz]
authorRay Lai <ray@raylai.com>Wed May 18 14:06:20 2016 +0800
committerGleydson Soares <gsoares@gmail.com>Sat Apr 08 00:06:42 2017 +0000
treecaa3e66b9f3395c55385c5e201ac5ad336b101ef
parent669713d43f8a014ba481265d4c58c3fe575527b4 [diff]
libdraw: replace hand-rolled realloc, preventing buffer overflow.

The original buffer is f->nsubf*sizeof *subf bytes (oldsize) large.
Once it's full, a new buffer of (f->nsubf+DSUBF)*sizeof *subf
(newsize) is mallocated.  Unfortunately memmove() reads (newsize)
bytes from the original (oldsize) buffer, causing a buffer overflow.

By switching to realloc(), we don't need to do buffer size calculation,
memmoving, and freeing of the original buffer.

Change-Id: Ibf85bc06abe1c8275b11acb1d7d346a14291d2cd
Reviewed-on: https://plan9port-review.googlesource.com/1520
Reviewed-by: Gleydson Soares <gsoares@gmail.com>
1 file changed
tree: caa3e66b9f3395c55385c5e201ac5ad336b101ef
  1. acid/
  2. bin/
  3. dict/
  4. dist/
  5. face/
  6. font/
  7. include/
  8. lib/
  9. log/
  10. lp/
  11. mac/
  12. mail/
  13. man/
  14. ndb/
  15. news/
  16. plumb/
  17. postscript/
  18. proto/
  19. sky/
  20. src/
  21. tmac/
  22. troff/
  23. unix/
  24. .gitignore
  25. CHANGES
  26. configure
  27. CONTRIBUTING.md
  28. CONTRIBUTORS
  29. INSTALL
  30. install.txt
  31. LICENSE
  32. Makefile
  33. rcmain
  34. README.md
  35. TODO
README.md

This is a port of many Plan 9 libraries and programs to Unix.

Installation

To install, run ./INSTALL. It builds mk and then uses mk to run the rest of the installation.

For more details, see install(1), at install.txt in this directory and at http://swtch.com/plan9port/man/man1/install.html.

Documentation

See http://swtch.com/plan9port/man/ for more documentation. (Documentation is also in this tree, but you need to run a successful install first. After that, “9 man 1 intro”.)

Intro(1) contains a list of man pages that describe new features or differences from Plan 9.

Helping out

If you'd like to help out, great! The TODO file contains a small list.

If you port this code to other architectures, please share your changes so others can benefit.

Please use codereview(1) to prepare patches.

Git

You can use Git to keep your local copy up-to-date as we make changes and fix bugs. See the git(1) man page here (“9 man git”) for details on using Git.

Contact