Coverity SECURE_CODING - CID 10019
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Compiz | Fix Released | Medium | MC Return |
Compiz Core | Won't Fix | Medium | Unassigned |
0.9.5 | Won't Fix | Undecided | Unassigned |
compiz (Ubuntu) | Fix Released | Undecided | Unassigned |
Bug Description
This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https:/
CID: 10019
Checker: SECURE_CODING
Category: No category available
CWE definition: http://
File: /tmp/buildd/
Function: decor_acquire_
Code snippet:
2897 dm_name_atom = XInternAtom (xdisplay, "_COMPIZ_DM_NAME", 0);
2898
2899 utf8_string_atom = XInternAtom (xdisplay, "UTF8_STRING", 0);
2900
CID 10019 - SECURE_CODING
[VERY RISKY]. Using "sprintf" can cause a buffer overflow when done incorrectly. Because sprintf() assumes an arbitrarily long string, callers must be careful not to overflow the actual space of the destination. Use snprintf() instead, or correct precision specifiers.
2901 sprintf (buf, "_COMPIZ_DM_S%d", screen);
2902 dm_sn_atom = XInternAtom (xdisplay, buf, 0);
2903
2904 current_dm_sn_owner = XGetSelectionOwner (xdisplay, dm_sn_atom);
2905
2906 if (current_
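An added example (not code from the Compiz tree or from the linked branch) of the bounded formatting the checker recommends for the call at line 2901, including the truncation check that snprintf() alone does not give you. The helper name `format_dm_sn_name`, the buffer sizes and the 32-bit `int` assumption are illustrative; the page does not show how `buf` is declared.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

#define DM_SN_PREFIX "_COMPIZ_DM_S"
/* Worst case, assuming 32-bit int: 12-byte prefix + "-2147483648" (11 bytes)
 * + NUL. sizeof (DM_SN_PREFIX) already counts the NUL, so this is 24. */
#define DM_SN_NAME_MAX (sizeof (DM_SN_PREFIX) + 11)

/* Hypothetical helper: write the selection atom name for `screen` into buf.
 * Returns 0 on success, -1 if the name did not fit or formatting failed.
 * On failure buf is emptied, because a truncated name is still a valid
 * string and would name a different atom (screen 10 cut to screen 1). */
static int
format_dm_sn_name (char *buf, size_t size, int screen)
{
    int n;

    if (buf == NULL || size == 0)
        return -1;

    n = snprintf (buf, size, DM_SN_PREFIX "%d", screen);
    if (n < 0 || (size_t) n >= size)
    {
        buf[0] = '\0';
        return -1;
    }
    return 0;
}

int
main (void)
{
    char name[DM_SN_NAME_MAX];
    char small[13]; /* constructed: room for the prefix and NUL only */

    if (format_dm_sn_name (name, sizeof name, INT_MIN) == 0)
        printf ("%s\n", name);
    if (format_dm_sn_name (small, sizeof small, 0) != 0)
        printf ("name did not fit; not interning a truncated atom\n");
    return 0;
}
```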
Related branches
- Stephen M. Webb: Approve
- Sam Spilsbury: Approve
- PS Jenkins bot: Pending (continuous-integration) requested
Diff: 12 lines (+1/-1), 1 file modified: libdecoration/decoration.c (+1/-1)
Changed in compiz: importance: Undecided → Medium
Changed in compiz: assignee: nobody → MC Return (mc-return)
Changed in compiz: status: New → In Progress
Changed in compiz: status: In Progress → Fix Committed
Changed in compiz-core: status: New → Won't Fix
Changed in compiz: status: Fix Committed → Fix Released
Source file with Coverity annotations.