-
Committer:
Daniel Wagner
-
Date:
2020-05-26 07:07:51 UTC
-
Revision ID:
git-v1:ff95ad8fa24d3949bf37ccec9e72b0d4e02d32a4
gdbus: Replace snprintf() with g_strdup_printf()
snprintf returns the number of characters that would have been written
if n had been sufficiently large. If the format string is longer than
the (size - offset), the snprintf will return a value larger than
the (size-offset). In normal cases,
DBUS_MAXIMUM_MATCH_RULE_LENGTH(1024) is large, but an attacker can
make malicious, large-scale inputs.
Note, g_strdup() and g_strdup_printf() will call abort if no memory
can't be allocated. Therefore we don't need to check for NULL
pointers.
Reported by jybarnes21