desktop-packages team mailing list archive
Message #79739
[Bug 957587] Re: Coverity SECURE_CODING - CID 10020
** Changed in: compiz
Status: Fix Committed => Fix Released
** Changed in: compiz-core
Status: New => Won't Fix
** Changed in: compiz-core/0.9.5
Status: New => Won't Fix
https://bugs.launchpad.net/bugs/957587
Title:
Coverity SECURE_CODING - CID 10020
Status in Compiz:
Fix Released
Status in Compiz Core:
Won't Fix
Status in Compiz Core 0.9.5 series:
Won't Fix
Status in “compiz” package in Ubuntu:
Fix Released
Bug description:
This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
CID: 10020
Checker: SECURE_CODING
Category: No category available
CWE definition: http://cwe.mitre.org/data/definitions/676.html
File: /tmp/buildd/compiz-0.9.7.0~bzr3025/libdecoration/decoration.c
Function: decor_handle_selection_clear()
Code snippet:
3168 {
3169 Atom dm_sn_atom;
3170 char buf[128];
3171
CID 10020 - SECURE_CODING
[VERY RISKY]. Using "sprintf" can cause a buffer overflow when done incorrectly. Because sprintf() assumes an arbitrarily long string, callers must be careful not to overflow the actual space of the destination. Use snprintf() instead, or correct precision specifiers.
3172 sprintf (buf, "_COMPIZ_DM_S%d", screen);
3173 dm_sn_atom = XInternAtom (xdisplay, buf, 0);
3174
3175 if (xevent->xselectionclear.selection == dm_sn_atom)
3176 return DECOR_SELECTION_GIVE_UP;
3177