28 lines
887 B
Diff
28 lines
887 B
Diff
From f3f66090a0a8bdcdb98984322169c73be89892b6 Mon Sep 17 00:00:00 2001
|
|
From: Jakub Wilk <jwilk@jwilk.net>
|
|
Date: Mon, 17 Jul 2017 11:58:29 +0200
|
|
Subject: [PATCH 05/12] Fix misuse of sprintf() in imphash()
|
|
|
|
The results are undefined if source and destination buffers overlap when
|
|
calling sprintf().
|
|
---
|
|
src/pehash.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git src/pehash.c src/pehash.c
|
|
index db1735a..e49f0c1 100644
|
|
--- src/pehash.c
|
|
+++ src/pehash.c
|
|
@@ -477,7 +477,7 @@ static void imphash(pe_ctx_t *ctx, int flavor)
|
|
memset(imphash_string, 0, imphash_string_size);
|
|
|
|
LL_FOREACH_SAFE(head, elt, tmp) \
|
|
- sprintf(imphash_string, "%s%s.%s,", imphash_string, elt->dll_name, elt->function_name); \
|
|
+ sprintf(imphash_string + strlen(imphash_string), "%s.%s,", elt->dll_name, elt->function_name); \
|
|
LL_DELETE(head, elt);
|
|
|
|
free(elt);
|
|
--
|
|
2.26.2.672.g232c24e857
|
|
|