From 65a201fed6e54d9ab7d22269d971a0afa048152a Mon Sep 17 00:00:00 2001 From: Andreas Persson Date: Sat, 29 Mar 2025 13:20:15 +0100 Subject: [PATCH] envy24control: fix memory access errors in profiles Fix two memory errors in the profiles parser: an invalid read and a "source and destination overlap in strncpy" warning. When the profiles page is initialized it fetches the profile names from the profiles file. When a profile wasn't defined in the file, the parser made invalid reads outside the buffer. Closes: https://github.com/alsa-project/alsa-tools/pull/34 Signed-off-by: Andreas Persson Signed-off-by: Jaroslav Kysela --- envy24control/profiles.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/envy24control/profiles.c b/envy24control/profiles.c index a67ef0c..9e5cde1 100644 --- a/envy24control/profiles.c +++ b/envy24control/profiles.c @@ -96,7 +96,9 @@ int get_file_size(const char * const filename) { struct stat file_status; - strncpy(filename_without_tilde, filename, MAX_FILE_NAME_LENGTH); + if (filename_without_tilde != filename) { + strncpy(filename_without_tilde, filename, MAX_FILE_NAME_LENGTH); + } filename_without_tilde[MAX_FILE_NAME_LENGTH - 1] = '\0'; subst_tilde_in_filename(filename_without_tilde); if (stat(filename_without_tilde, &file_status) < 0) { @@ -472,7 +474,8 @@ int get_pos_name_header_from_card(const char * const buffer, const int profile_n char place_holder; int pos_card_begin, pos_card_end, pos_name_header; - pos_card_begin = get_card_begin(buffer, profile_number, card_number); + if ((pos_card_begin = get_card_begin(buffer, profile_number, card_number)) < 0) + return pos_card_begin; pos_card_end = get_card_end(buffer, profile_number, card_number); place_holder = PLACE_HOLDER_STR; strncpy(header, PROFILE_NAME_TEMPL, MAX_SEARCH_FIELD_LENGTH); -- 2.47.1