On 6 October 2015 at 17:38, Dirk Hohndel <[email protected]> wrote: > On Tue, Oct 06, 2015 at 01:10:17PM +0300, Lubomir I. Ivanov wrote: >> +const char *system_default_filename(void) >> +{ >> + char filename[128] = { 0 }; >> + if (!*filename) { >> + const char *user = getenv("LOGNAME"); >> + strcat(filename, user); > > You are copying a user provided string (environment variable LOGNAME) into > a fixed length buffer... not a good plan :-) > > I'll fix that. >
linux.c also has the same, BTW. lubomir -- _______________________________________________ subsurface mailing list [email protected] http://lists.subsurface-divelog.org/cgi-bin/mailman/listinfo/subsurface
