Closed Bug 780212 Opened 9 years ago Closed 9 years ago

Fix buffer overflow beyond MAXPATHLEN when querying Android's GRE_HOME

Categories

(Firefox for Android Graveyard :: General, defect)

ARM
Android
defect
Not set
normal

Tracking

(firefox17 fixed)

RESOLVED FIXED
Firefox 17
Tracking Status
firefox17 --- fixed

People

(Reporter: cpeterson, Assigned: cpeterson)

Details

Attachments

(1 file)

This compiler warning points to a buffer overflow beyond MAXPATHLEN when querying Android's GRE_HOME:

mozilla/central/xpcom/build/BinaryPath.h: In function 'nsresult XRE_GetBinaryPath(const char*, nsIFile**)':
mozilla/central/xpcom/build/BinaryPath.h:79: warning: array subscript is above array bounds
Attachment #648764 - Flags: review?(mh+mozilla)
Comment on attachment 648764 [details] [diff] [review]
fix-GRE_HOME_overflow.patch

Review of attachment 648764 [details] [diff] [review]:
-----------------------------------------------------------------

While you're here, can you fix the XP_UNIX part, which doesn't have that guard at all?
Attachment #648764 - Flags: review?(mh+mozilla) → review+
(In reply to Mike Hommey [:glandium] from comment #1)
> Comment on attachment 648764 [details] [diff] [review]
> fix-GRE_HOME_overflow.patch
> 
> Review of attachment 648764 [details] [diff] [review]:
> -----------------------------------------------------------------
> 
> While you're here, can you fix the XP_UNIX part, which doesn't have that
> guard at all?

Actually, it doesn't need it afaics.
https://hg.mozilla.org/mozilla-central/rev/40e682b208cc
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in before you can comment on or make changes to this bug.