Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

jack_lsp: Fix buffer overflow for --server argument #89

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

unclechu
Copy link

In the copied optarg there are only chars from the argument, no string termination \0 char. That causes the following code to go beyond the variable memory bound.

This change adds one extra char allocation for the server_name variable and puts \0 string termination char to the last char.

Fixes #88

In the copied `optarg` there are only chars from the argument, no string
termination `\0` char. That causes the following code to go beyond the
variable memory bound.

This change adds one extra char allocation for the `server_name`
variable and puts `\0` string termination char to the last char.

Fixes jackaudio#88
@@ -122,7 +122,8 @@ main (int argc, char *argv[])
while ((c = getopt_long (argc, argv, "s:AclLphvtuU", long_options, &option_index)) >= 0) {
switch (c) {
case 's':
server_name = (char *) malloc (sizeof (char) * strlen(optarg));
server_name = (char *) malloc (sizeof (char) * (strlen(optarg) + 1));
server_name[strlen(optarg)] = '\0';
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Following the #88 (comment) comment this line might not be necessary.

Suggested change
server_name[strlen(optarg)] = '\0';

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

jack_lsp: An attempt to use --server/-s argument fails with buffer overflow
1 participant