Coverity SECURE_CODING - CID 12519
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Compiz | Fix Released | Medium | MC Return | |
0.9.9 | Fix Released | Medium | MC Return | |
compiz (Ubuntu) | Fix Released | Undecided | Unassigned | |
Bug Description
This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https:/
CID: 12519
Checker: SECURE_CODING
Category: No category available
CWE definition: http://
File: /tmp/buildd/
Function: WaterScreen:
Code snippet:
263 program[SET] = new GLProgram (set_water_
264 set_water_
265
266 if (target == GL_TEXTURE_2D)
CID 12519 - SECURE_CODING
[VERY RISKY]. Using "sprintf" can cause a buffer overflow when done incorrectly. Because sprintf() assumes an arbitrarily long string, callers must be careful not to overflow the actual space of the destination. Use snprintf() instead, or correct precision specifiers.
267 sprintf (buf, update_
268 "2D", "2D",
269 1.0f / (float) texWidth, 1.0f / (float) texWidth,
270 1.0f / (float) texHeight, 1.0f / (float) texHeight,
271 "2D", "2D", "2D", "2D");
272 else
Related branches
- Sam Spilsbury: Approve
- PS Jenkins bot: Pending (continuous-integration) requested
Diff: 133 lines (+12/-12)
7 files modified
libdecoration/decoration.c (+1/-1)
plugins/composite/src/screen.cpp (+1/-1)
plugins/dbus/src/dbus.cpp (+2/-2)
plugins/loginout/src/loginout.cpp (+2/-2)
plugins/screenshot/src/screenshot.cpp (+1/-1)
plugins/water/src/water.cpp (+3/-3)
src/screen.cpp (+2/-2)
Changed in compiz:
status: In Progress → Fix Committed
Changed in compiz:
status: Fix Committed → Fix Released
Source file with Coverity annotations.