On 29 Mar 2026 at 13:20, Alyssa Ross via busybox wrote:

To:                     [email protected]
Subject:                [PATCH] build system: fix potential buffer overflow
Date sent:              Sun, 29 Mar 2026 13:20:36 +0200
From:                   Alyssa Ross via busybox <[email protected]>
Send reply to:          Alyssa Ross <[email protected]>

> This could potentially write one byte past the end of line.
> Identified by fortify-headers.
> ---
>  scripts/basic/split-include.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/scripts/basic/split-include.c b/scripts/basic/split-include.c
> index 6ef29195e..93011d511 100644
> --- a/scripts/basic/split-include.c
> +++ b/scripts/basic/split-include.c
> @@ -195,7 +195,7 @@ int main(int argc, const char * argv [])
>       ERROR_EXIT( "find" );
>  
>      line[0] = '\n';
> -    while (fgets(line+1, buffer_size, fp_find))
> +    while (fgets(line+1, buffer_size-1, fp_find))
>      {
>       if (strstr(list_target, line) == NULL)
>       {
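Review bot: the new bound on the changed fgets() line cannot be checked from this patch alone, because neither the hunk nor the commit message shows how many bytes line points to. If line is allocated with buffer_size bytes, then fgets(line+1, buffer_size, fp_find) may store up to buffer_size-1 characters plus the terminating NUL starting at line[1], so the NUL can land at line[buffer_size], and buffer_size-1 is the right count. Please state the allocation size of line in the commit message, and consider a short comment next to the call tying the -1 to the +1 offset so the two are kept in sync.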
> -- 
> 2.53.0
> 

with fgets shows (count in example is buffer_size).
count: The maximum number of characters to read, including the 
null terminator (\0). fgets reads at most count - 1 characters into 
the buffer.

buffer_size = 2 * stat_buf.st_size + 4096;

So, don't know how close it is the size of line and the buffer?





> _______________________________________________
> busybox mailing list
> [email protected]
> https://lists.busybox.net/mailman/listinfo/busybox


+------------------------------------------------------------+
 Michael D. Setzer II - Computer Science Instructor (Retired)     
 mailto:[email protected]                            
 mailto:[email protected]
 mailto:[email protected]
 Guam - Where America's Day Begins                        
 G4L Disk Imaging Project maintainer 
 http://sourceforge.net/projects/g4l/
+------------------------------------------------------------+
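
The count semantics discussed above can be measured directly. The following is an added example, not code from split-include.c or from either poster. It assumes line is allocated with exactly buffer_size bytes (the patch does not show the allocation); highest_index_written and the sample input are hypothetical, and guard bytes keep the demonstration itself in bounds.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SENTINEL 0xAA
#define SLACK 16 /* guard bytes so the demonstration never really overflows */

/* Calls fgets(line + offset, count, fp) on a region that is meant to be
 * `alloc` bytes long and returns the highest index fgets() wrote to,
 * or -1 on error. An index >= alloc means a write past the end. */
long highest_index_written(size_t alloc, size_t offset, int count,
                           const char *input)
{
    unsigned char *line = malloc(alloc + SLACK);
    FILE *fp = tmpfile();
    long highest = -1;

    if (!line || !fp)
        goto out;
    memset(line, SENTINEL, alloc + SLACK);
    if (fputs(input, fp) == EOF)
        goto out;
    rewind(fp);
    if (!fgets((char *)line + offset, count, fp))
        goto out;
    /* Scan from the end: the first byte that is no longer the sentinel
     * is the last byte fgets() stored (its terminating NUL). */
    for (size_t i = alloc + SLACK; i-- > 0; ) {
        if (line[i] != SENTINEL) { highest = (long)i; break; }
    }
out:
    if (fp)
        fclose(fp);
    free(line);
    return highest;
}

int main(void)
{
    const char *input = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\n"; /* constructed input */
    size_t buffer_size = 8; /* small stand-in for the real buffer_size */

    printf("count = buffer_size:     highest index %ld (valid: 0..%zu)\n",
           highest_index_written(buffer_size, 1, (int)buffer_size, input),
           buffer_size - 1);
    printf("count = buffer_size - 1: highest index %ld\n",
           highest_index_written(buffer_size, 1, (int)buffer_size - 1, input));
    return 0;
}
```

The overrun only occurs when an input line is at least buffer_size-1 characters long; shorter lines stop at their newline well inside the buffer.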


