35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
From 072a39a772a38c475e35a1be311304ca99e9de7f Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Lars=20M=C3=B6llendorf?= <lars@moellendorf.eu>
|
|
Date: Sun, 26 Jan 2025 08:48:23 +0100
|
|
Subject: [PATCH] Fix heap overflow in `iniparser_dumpsection_ini()`
|
|
|
|
Origin: https://gitlab.com/iniparser/iniparser/-/commit/072a39a772a38c475e35a1be311304ca99e9de7f
|
|
|
|
...reported in #177
|
|
|
|
As suggested by the issue reporter this is fixed by returning from
|
|
`iniparser_dumpsection_ini()` in case the length of the passed section name
|
|
of dictionary to dump was bigger than the size of the internal buffer used
|
|
to copy this string to.
|
|
|
|
Changelog: changed
|
|
---
|
|
src/iniparser.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/src/iniparser.c b/src/iniparser.c
|
|
index abc8b52..1086b46 100644
|
|
--- a/src/iniparser.c
|
|
+++ b/src/iniparser.c
|
|
@@ -327,6 +327,7 @@ void iniparser_dumpsection_ini(const dictionary * d, const char * s, FILE * f)
|
|
|
|
if (d==NULL || f==NULL) return ;
|
|
if (! iniparser_find_entry(d, s)) return ;
|
|
+ if (strlen(s) > sizeof(keym)) return;
|
|
|
|
seclen = (int)strlen(s);
|
|
fprintf(f, "\n[%s]\n", s);
|
|
--
|
|
GitLab
|
|
|