Bug 18353

Summary: Segfaults on large number of workspaces
Product: Sisyphus Reporter: Sir Raorn <raorn>
Component: WindowMakerAssignee: vkni <vkni>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: major    
Priority: P2 CC: mike, vkni
Version: unstable   
Hardware: all   
OS: Linux   

Description Sir Raorn 2008-12-26 14:51:30 MSK 
Будучи собранным со stack protector'ом падает при использовании 9-и рабочих столов:

void
SendHelperMessage(WScreen *scr, char type, int workspace, char *msg)
{
    char *buffer;
    int len;
    int i;
    char buf[16];

    if (!scr->flags.backimage_helper_launched) {
        return;
    }

    len = (msg ? strlen(msg) : 0) + (workspace >=0 ? 4 : 0) + 1 ;
    buffer = wmalloc(len+5);
    snprintf(buf, len, "%4i", len);
    memcpy(buffer, buf, 4);

Дохнет на sptintf, птому как len получается больше sizeof(buf).
Comment 1 Sir Raorn 2009-03-22 22:32:05 MSK 
0.92.0-alt4