Compiz

Coverity SECURE_CODING - CID 12512

Bug #1101571 reported by Product Strategy Coverity Bug Uploader
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Compiz
Fix Released
Medium
MC Return
0.9.9
Fix Released
Medium
MC Return
compiz (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
CID: 12512
Checker: SECURE_CODING
Category: No category available
CWE definition: http://cwe.mitre.org/data/definitions/676.html
File: /tmp/buildd/compiz-0.9.9~daily13.01.14/plugins/dbus/src/dbus.cpp
Function: DbusScreen::sendChangeSignalForOption(CompOption *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)
Code snippet:
1649
1650 if (!o)
1651 return;
1652
CID 12512 - SECURE_CODING
[VERY RISKY]. Using "sprintf" can cause a buffer overflow when done incorrectly. Because sprintf() assumes an arbitrarily long string, callers must be careful not to overflow the actual space of the destination. Use snprintf() instead, or correct precision specifiers.
1653 sprintf (path, "%s/%s/%s/%s", COMPIZ_DBUS_ROOT_PATH,
1654 plugin.c_str (), "options", o->name ().c_str ());
1655
1656 signal = dbus_message_new_signal (path,
1657 COMPIZ_DBUS_SERVICE_NAME,
1658 COMPIZ_DBUS_CHANGED_SIGNAL_NAME);

Related branches

lp:~mc-return/compiz/compiz.merge-fix1101641-use-snprintf-instead-of-sprintf
Sam Spilsbury: Approve
PS Jenkins bot: Pending (continuous-integration) requested
Diff: 133 lines (+12/-12)
7 files modified
libdecoration/decoration.c (+1/-1)
plugins/composite/src/screen.cpp (+1/-1)
plugins/dbus/src/dbus.cpp (+2/-2)
plugins/loginout/src/loginout.cpp (+2/-2)
plugins/screenshot/src/screenshot.cpp (+1/-1)
plugins/water/src/water.cpp (+3/-3)
src/screen.cpp (+2/-2)
lp:ubuntu/raring/compiz
Revision history for this message
Product Strategy Coverity Bug Uploader (coverity-uploader) wrote : compiz-0.9.9: /tmp/buildd/compiz-0.9.9~daily13.01.14/plugins/dbus/src/dbus.cpp

Source file with Coverity annotations.

Changed in compiz:
importance: Undecided → Medium
PS Jenkins bot (ps-jenkins)
Changed in compiz:
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package compiz - 1:0.9.9~daily13.02.04-0ubuntu1

---------------
compiz (1:0.9.9~daily13.02.04-0ubuntu1) raring; urgency=low

  [ Marco Trevisan (Treviño) ]
  * Spread - Window glow is incorrectly painted in the screen when
    switching spreaded application (LP: #1109805)

  [ MC Return ]
  * Coverity MISSING_BREAK - CID 12463 (LP: #1101561)
  * Thumbnail plugin: Window title text is rendered into transparency
    and glow/background are too large (LP: #1099100)
  * Showmouse plugin code: Needs cleanup (LP: #1105969)
  * Coverity SECURE_CODING - CID 10019 (LP: #957582)
  * Coverity SECURE_CODING - CID 12511 (LP: #1101605)
  * Coverity SECURE_CODING - CID 12512 (LP: #1101571)
  * Keyboard shortcut overlay says Ctrl+Super+Down "minimises" the
    current window, but it doesn't (LP: #966099)
  * Coverity SECURE_CODING - CID 10020 (LP: #957587)
  * Coverity SECURE_CODING - CID 12529 (LP: #1101641)
  * Coverity MISSING_BREAK - CID 12464 (LP: #1101549)
  * Coverity SECURE_CODING - CID 12519 (LP: #1101565)
  * Coverity SECURE_CODING - CID 12516 (LP: #1101499)
  * [GLES] Showmouse plugin needs port to OpenGL|ES (LP: #1106270)

  [ Automatic PS uploader ]
  * Automatic snapshot from revision 3594
 -- Automatic PS uploader <email address hidden> Mon, 04 Feb 2013 04:01:58 +0000

Changed in compiz (Ubuntu):
status: New → Fix Released
Stephen M. Webb (bregma)
Changed in compiz:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.