-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | src/slideshow.c | 3 |
2 files changed, 5 insertions, 1 deletions
@@ -10,6 +10,9 @@ git HEAD in it, and as I do not have the time to take over giblib development, importing the library seems to be the best solution.
 * Fix/improve --randomize for short filelists (closes #151)
+ * Fix a buffer overflow in the printf implementation when handling unknown
+ format specifiers (affects --action, --customlist, --index-info, --info,
+ --thumb-title and --title)
 Sun, 27 Apr 2014 20:28:02 +0200 Daniel Friesel <derf+feh@finalrewind.org>
diff --git a/src/slideshow.c b/src/slideshow.c
index 8aa783c..a18c1f8 100644
--- a/src/slideshow.c
+++ b/src/slideshow.c
@@ -584,7 +584,8 @@ char *feh_printf(char *str, feh_file * file, winwidget winwid)
 break;
 default:
 weprintf("Unrecognized format specifier %%%c", *c);
- strncat(ret, c - 1, 2);
+ if ((strlen(ret) + 3) < sizeof(ret))
+ strncat(ret, c - 1, 2);
 break;
 }
 } else if ((*c == '\\') && (*(c+1) != '\0') && ((strlen(ret) + 3) < sizeof(ret))) { |
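Review bot: The new guard in the `default:` case of `feh_printf` bounds only this one append. The other cases of the switch start above the hunk, so any of them that add to `ret` without a comparable length check would leave the same overflow reachable through the options listed in the ChangeLog; they are worth auditing in the same commit. The condition also assumes `ret` is a fixed-size array, since `sizeof(ret)` on a pointer would give the pointer size. Its declaration is outside the hunk, so a comment such as `/* ret is a fixed-size array: '%', the specifier and the NUL must all fit */` above the check would record that assumption and explain the `+ 3`. Bracing the new `if` would match the safer style for a one-line body inside a `switch`.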