raster pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=1b74f19b60ed46eb28b6e3469227fb733e00fb7a
commit 1b74f19b60ed46eb28b6e3469227fb733e00fb7a Author: Carsten Haitzler (Rasterman) <[email protected]> Date: Mon Sep 1 18:51:30 2014 +0900 embryo_cc - fix buffer overrun possibility fix CID 1039586 --- src/bin/embryo/embryo_cc_sc2.c | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/src/bin/embryo/embryo_cc_sc2.c b/src/bin/embryo/embryo_cc_sc2.c index b63354f..2da0656 100644 --- a/src/bin/embryo/embryo_cc_sc2.c +++ b/src/bin/embryo/embryo_cc_sc2.c @@ -2168,16 +2168,30 @@ needtoken(int token) { /* token already pushed back */ assert(_pushed); - if (token < 256) - sprintf(s1, "%c", (char)token); /* single character token */ - else - strcpy(s1, sc_tokens[token - tFIRST]); /* multi-character symbol */ - if (!freading) - strcpy(s2, "-end of file-"); - else if (_lextok < 256) - sprintf(s2, "%c", (char)_lextok); - else - strcpy(s2, sc_tokens[_lextok - tFIRST]); + if (token < 256) + { + s1[0] = (char)token; /* single character token */ + s1[1] = 0; + } + else + { + strncpy(s1, sc_tokens[token - tFIRST], 19); /* multi-character symbol */ + } + s1[19] = 0; + if (!freading) + { + strncpy(s2, "-end of file-", 19); + } + else if (_lextok < 256) + { + s2[0] = (char)_lextok; + s2[1] = 0; + } + else + { + strncpy(s2, sc_tokens[_lextok - tFIRST], 19); + } + s2[19] = 0; error(1, s1, s2); /* expected ..., but found ... */ return FALSE; } /* if */ --
