On Tue, Oct 06, 2015 at 01:10:17PM +0300, Lubomir I. Ivanov wrote:
> +const char *system_default_filename(void)
> +{
> + char filename[128] = { 0 };
> + if (!*filename) {
> + const char *user = getenv("LOGNAME");
> + strcat(filename, user);
You are copying a user provided string (environment variable LOGNAME) into
a fixed length buffer... not a good plan :-)
I'll fix that.
/D
_______________________________________________
subsurface mailing list
[email protected]
http://lists.subsurface-divelog.org/cgi-bin/mailman/listinfo/subsurface
