• Hanno Böck's avatar
    main: fix heap overflow in dbus-launch wrapping · 7ee3571c
    Hanno Böck authored
    I have discovered a heap overflow with the help of an address sanitizer.
    
    The require_dbus_session() function has this code:
    
            new_argv = g_malloc (argc + 3 * sizeof (*argv));
    
    The intention is to allocate space for (argc + 3) pointers. However obviously a
    parenthesis is missing, therefore only argc bytes + 3 * pointer size gets
    allocated, which is insufficient space. This leads to invalid memory writes.
    
    The fix is trivial: Parentheses around argc + 3.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=768441
    7ee3571c
Name
Last commit
Last update
data Loading commit data...
doc Loading commit data...
gnome-session Loading commit data...
po Loading commit data...
tools Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
ChangeLog Loading commit data...
ChangeLog-20020212 Loading commit data...
ChangeLog-20080310 Loading commit data...
ChangeLog.pre-git Loading commit data...
HACKING Loading commit data...
MAINTAINERS Loading commit data...
Makefile.am Loading commit data...
NEWS Loading commit data...
README Loading commit data...
autogen.sh Loading commit data...
configure.ac Loading commit data...
git.mk Loading commit data...
gnome-session.doap Loading commit data...