mirrors/wayland
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/wayland/wayland.git synced 2025-10-29 05:40:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

cursor: Fix undefined behavior with huge names

Browse source 
If an index.theme contains a theme name which gets close to INT_MAX,
then creation of full path can lead to a signed integer overflow,
which is undefined behavior.

Fix this by turning one of the values to size_t. Easy solution for a
probably never occurring issue.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
This commit is contained in:
Tobias Stoeckmann 2024-09-12 20:36:47 +02:00 committed by Simon Ser
parent 6281ccbd3d
commit 1bee7aa4a7
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cursor/xcursor.c
View file

@ -571,7 +571,7 @@ xcursor_build_theme_dir(const char *dir, const char *theme)
* add space for any needed directory separators, one per component, * add space for any needed directory separators, one per component,
* and one for the trailing null * and one for the trailing null
*/ */
full_size = 1 + homelen + 1 + dirlen + 1 + themelen + 1; full_size = (size_t) 1 + homelen + 1 + dirlen + 1 + themelen + 1;
full = malloc(full_size); full = malloc(full_size);
if (!full) if (!full)
return NULL; return NULL;