[quake3-commits] [ioquake/ioq3] ff7ff3: Ensure that mbstowcs does not overflow its buffer

Zack Middleton zturtleman at gmail.com
Wed Jan 7 19:10:19 EST 2015


  Branch: refs/heads/master
  Home:   https://github.com/ioquake/ioq3
  Commit: ff7ff32b0e9ab083d8954abbcc92d941fffa9289
      https://github.com/ioquake/ioq3/commit/ff7ff32b0e9ab083d8954abbcc92d941fffa9289
  Author: Simon McVittie <smcv at debian.org>
  Date:   2015-01-07 (Wed, 07 Jan 2015)

  Changed paths:
    M code/client/libmumblelink.c

  Log Message:
  -----------
  Ensure that mbstowcs does not overflow its buffer

Similar to one of the changes by Tim Angus in fd986da: mbstowcs' third
argument is the number of wchar_t available in dest, not the number
of bytes.

This does not appear to be exploitable, because ioquake3 does
not actually call mumble_set_identity() or mumble_set_description()
anywhere, but it might be relevant to derivatives.

Spotted via compiler warnings.


  Commit: 044060274ef4379d35f9fe8c6b5e1b1cdd05842d
      https://github.com/ioquake/ioq3/commit/044060274ef4379d35f9fe8c6b5e1b1cdd05842d
  Author: Zack Middleton <zturtleman at gmail.com>
  Date:   2015-01-07 (Wed, 07 Jan 2015)

  Changed paths:
    M code/client/libmumblelink.c

  Log Message:
  -----------
  Merge pull request #104 from smcv/mbstowcs

Ensure that mbstowcs does not overflow its buffer


Compare: https://github.com/ioquake/ioq3/compare/8469c40c2bd7...044060274ef4


More information about the quake3-commits mailing list