diff options
author | Mohammed Sadiq <sadiq@sadiqpk.org> | 2017-05-05 17:40:33 +0530 |
---|---|---|
committer | Bastien Nocera <hadess@hadess.net> | 2017-05-05 14:59:57 +0200 |
commit | 7ca147791f0573fc989a4e980bd16cfbd8246595 (patch) | |
tree | 137846312728b215bdd4ef110cf1cd90ec586d85 | |
parent | 388b1164b2dad16ffa568be00397c69d51211311 (diff) | |
download | gnome-control-center-7ca147791f0573fc989a4e980bd16cfbd8246595.tar.gz |
hostname-helper: don't read past '\0'
g_utf8_find_next_char() doesn't do checks whether the char
is '\0' or not. We have to take care of that ourself.
This commit fixes heap-buffer-overflow found by test-hostname
ERROR: AddressSanitizer: heap-buffer-overflow on address
READ of size 1 at 0x60200000cd76 thread T0
#0 0x7f8b26920d08 in g_utf8_find_next_char glib/glib/gutf8.c:179
#1 0x55c2b8eacaee in pretty_hostname_to_ssid gnome-control-center/shell/hostname-helper.c:199
https://bugzilla.gnome.org/show_bug.cgi?id=782216
-rw-r--r-- | shell/hostname-helper.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/shell/hostname-helper.c b/shell/hostname-helper.c index b09d93f31..df596975e 100644 --- a/shell/hostname-helper.c +++ b/shell/hostname-helper.c @@ -208,6 +208,9 @@ pretty_hostname_to_ssid (const char *pretty) break; } + if (*p == '\0') + break; + prev = p; } |