diff options
| author | Aidan MacDonald <amachronic@protonmail.com> | 2021-08-04 20:22:37 +0100 |
|---|---|---|
| committer | Aidan MacDonald <amachronic@protonmail.com> | 2021-08-06 15:46:53 +0000 |
| commit | 34fcea0b20d58dbf0fd091a864db4ee8aa5d554c (patch) | |
| tree | 319bdc76e106de101dbb4b8891cd65e2d58eea5d | |
| parent | 835d0c737a7e04f30b3990249ce461999ea2cf3a (diff) | |
| download | rockbox-34fcea0b20d58dbf0fd091a864db4ee8aa5d554c.tar.gz rockbox-34fcea0b20d58dbf0fd091a864db4ee8aa5d554c.zip | |
Fix path buffer overflow in screendump
Overflow is due to a hidden assumption in create_datetime_filename()
and create_numbered_filename() where buffer must be >= MAX_PATH bytes.
Change-Id: I9d36517d861b6925352380d551afc5439edbb340
| -rw-r--r-- | firmware/screendump.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/firmware/screendump.c b/firmware/screendump.c index 1acaaafba6..7d09b0cd5e 100644 --- a/firmware/screendump.c +++ b/firmware/screendump.c | |||
| @@ -102,7 +102,7 @@ static void (*screen_dump_hook)(int fh) = NULL; | |||
| 102 | void screen_dump(void) | 102 | void screen_dump(void) |
| 103 | { | 103 | { |
| 104 | int fd, y; | 104 | int fd, y; |
| 105 | char filename[32]; | 105 | char filename[MAX_PATH]; |
| 106 | 106 | ||
| 107 | fb_data *src; | 107 | fb_data *src; |
| 108 | #if LCD_DEPTH == 1 | 108 | #if LCD_DEPTH == 1 |
| @@ -306,7 +306,7 @@ static const unsigned char rbmpheader[] = | |||
| 306 | void remote_screen_dump(void) | 306 | void remote_screen_dump(void) |
| 307 | { | 307 | { |
| 308 | int fd, y; | 308 | int fd, y; |
| 309 | char filename[32]; | 309 | char filename[MAX_PATH]; |
| 310 | 310 | ||
| 311 | fb_remote_data *src; | 311 | fb_remote_data *src; |
| 312 | #if LCD_REMOTE_DEPTH == 1 | 312 | #if LCD_REMOTE_DEPTH == 1 |