hdr.version is defined as: char version[4]. "version" is extern, so the
length is unknown at compile time. At runtime, however, the problem
happens, as "version" is ultimately defined as "7.11.1" via rss/version.c
and /VERSION. This is a real overflow. I recommend the following patch to
for the moment until upstream has a better suggestion:
this will leave the hdr.version unterminated, but based on other code that
tries to read it, this field appears to be evaluated not as a string, so
it's likely to be okay. If not, use:
hdr.version is defined as: char version[4]. "version" is extern, so the
length is unknown at compile time. At runtime, however, the problem
happens, as "version" is ultimately defined as "7.11.1" via rss/version.c
and /VERSION. This is a real overflow. I recommend the following patch to
for the moment until upstream has a better suggestion:
strncpy( hdr.version, version, sizeof( hdr.version) );
this will leave the hdr.version unterminated, but based on other code that
tries to read it, this field appears to be evaluated not as a string, so
it's likely to be okay. If not, use:
strncpy( hdr.version, version, sizeof( hdr.version) ); sizeof( hdr.version) -1]='\0' ;
hdr.version[