From 61599d67ed66fbf93de4eca7f81ef7669028fb45 Mon Sep 17 00:00:00 2001 From: Stefan Schmidt Date: Thu, 16 Apr 2020 16:25:29 +0200 Subject: [PATCH] exactness: limit length for font_path to stay in buffer We get fonts_dir from a getenv() without and length check. Make sure that we stay in the given buffer size when stitching the file path together. CID: 1422195 Reviewed-by: Marcel Hollerbach Differential Revision: https://phab.enlightenment.org/D11718 --- src/bin/exactness/player.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/bin/exactness/player.c b/src/bin/exactness/player.c index c51e1cf4e4..870cc51d27 100644 --- a/src/bin/exactness/player.c +++ b/src/bin/exactness/player.c @@ -956,7 +956,7 @@ _setup_font_settings(const char *fonts_dir) { char buf[PATH_MAX]; if (!fonts_dir) fonts_dir = "./fonts"; - sprintf(buf, "%s/%s", fonts_dir, _src_unit->fonts_path); + snprintf(buf, PATH_MAX, "%s/%s", fonts_dir, _src_unit->fonts_path); if (!ecore_file_exists(buf)) { fprintf(stderr, "Unable to use the fonts path '%s' provided in %s\n",