Coverity SECURE_CODING - CID 12516
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Compiz |
Fix Released
|
Medium
|
MC Return | ||
0.9.9 |
Fix Released
|
Medium
|
MC Return | ||
compiz (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https:/
CID: 12516
Checker: SECURE_CODING
Category: No category available
CWE definition: http://
File: /tmp/buildd/
Function: ShotScreen:
Code snippet:
208
209 if (n)
210 free (namelist);
211
CID 12516 - SECURE_CODING
[VERY RISKY]. Using "sprintf" can cause a buffer overflow when done incorrectly. Because sprintf() assumes an arbitrarily long string, callers must be careful not to overflow the actual space of the destination. Use snprintf() instead, or correct precision specifiers.
212 sprintf (name, "screenshot%d.png", number);
213
214 CompString app (optionGetLaunchApp ());
215 CompString path (dir + "/" + name);
216 CompSize imageSize (w, h);
217
Related branches
- Sam Spilsbury: Approve
- PS Jenkins bot: Pending (continuous-integration) requested
-
Diff: 133 lines (+12/-12)7 files modifiedlibdecoration/decoration.c (+1/-1)
plugins/composite/src/screen.cpp (+1/-1)
plugins/dbus/src/dbus.cpp (+2/-2)
plugins/loginout/src/loginout.cpp (+2/-2)
plugins/screenshot/src/screenshot.cpp (+1/-1)
plugins/water/src/water.cpp (+3/-3)
src/screen.cpp (+2/-2)
Changed in compiz: | |
status: | In Progress → Fix Committed |
Changed in compiz: | |
status: | Fix Committed → Fix Released |
Source file with Coverity annotations.