mirrors/maomaowm
1
0
Fork 0
mirror of https://github.com/DreamMaoMao/maomaowm.git synced 2026-05-03 06:46:38 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix critical buffer overflow and memory leak vulnerabilities

Browse source 
- Replace unsafe strcpy() with strncpy() in fetch/common.h
- Replace unsafe strcpy() with strncpy() in config parsing
- Fix buffer overflow from strcat() by adding bounds checking
- Fix memory leak by adding wordfree() for wordexp results
- Add integer overflow validation for strtol() calls
- Add errno checking for all strtol conversions

Co-authored-by: squassina <8495707+squassina@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot] 2026-02-18 08:54:42 +00:00
parent a2b1c34b0f
commit 9d2f852ec2
3 changed files with 49 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/fetch/common.h
View file

@ -33,7 +33,8 @@ void get_layout_abbr(char *abbr, const char *full_name) {
// 1. 尝试在映射表中查找
for (int32_t i = 0; layout_mappings[i].full_name != NULL; i++) {
if (strcmp(full_name, layout_mappings[i].full_name) == 0) {
strcpy(abbr, layout_mappings[i].abbr);
strncpy(abbr, layout_mappings[i].abbr, 4);
abbr[4] = '\0';
return;
}
}
@ -73,7 +74,8 @@ void get_layout_abbr(char *abbr, const char *full_name) {
abbr[2] = '\0';
} else {
// 5. 最终回退:返回 "xx"
strcpy(abbr, "xx");
strncpy(abbr, "xx", 4);
abbr[4] = '\0';
}
}