Fix buffer overflow beyond MAXPATHLEN when querying Android's GRE_HOME

RESOLVED FIXED in Firefox 17

Status

()

Firefox for Android
General
RESOLVED FIXED
5 years ago
5 years ago

People

(Reporter: cpeterson, Assigned: cpeterson)

Tracking

Trunk
Firefox 17
ARM
Android
Points:
---

Firefox Tracking Flags

(firefox17 fixed)

Details

Attachments

(1 attachment)

(Assignee)

Description

5 years ago
Created attachment 648764 [details] [diff] [review]
fix-GRE_HOME_overflow.patch

This compiler warning points to a buffer overflow beyond MAXPATHLEN when querying Android's GRE_HOME:

mozilla/central/xpcom/build/BinaryPath.h: In function 'nsresult XRE_GetBinaryPath(const char*, nsIFile**)':
mozilla/central/xpcom/build/BinaryPath.h:79: warning: array subscript is above array bounds
Attachment #648764 - Flags: review?(mh+mozilla)
Comment on attachment 648764 [details] [diff] [review]
fix-GRE_HOME_overflow.patch

Review of attachment 648764 [details] [diff] [review]:
-----------------------------------------------------------------

While you're here, can you fix the XP_UNIX part, which doesn't have that guard at all?
Attachment #648764 - Flags: review?(mh+mozilla) → review+
(In reply to Mike Hommey [:glandium] from comment #1)
> Comment on attachment 648764 [details] [diff] [review]
> fix-GRE_HOME_overflow.patch
> 
> Review of attachment 648764 [details] [diff] [review]:
> -----------------------------------------------------------------
> 
> While you're here, can you fix the XP_UNIX part, which doesn't have that
> guard at all?

Actually, it doesn't need it afaics.
(Assignee)

Comment 3

5 years ago
https://hg.mozilla.org/integration/mozilla-inbound/rev/40e682b208cc
status-firefox17: --- → fixed

Comment 4

5 years ago
https://hg.mozilla.org/mozilla-central/rev/40e682b208cc
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.