From 2e288e74ab79141765329ce7f473e8530139d235 Mon Sep 17 00:00:00 2001 From: Lumir Balhar Date: Tue, 11 Sep 2018 15:58:31 +0200 Subject: [PATCH] Fix potential un-terminated buffer problem (CWE-120) --- src/libImaging/Histo.c | 4 +++- src/libImaging/Palette.c | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/libImaging/Histo.c b/src/libImaging/Histo.c index 0bfc8dfe9..2b35873e8 100644 --- a/src/libImaging/Histo.c +++ b/src/libImaging/Histo.c @@ -41,7 +41,9 @@ ImagingHistogramNew(Imaging im) /* Create histogram descriptor */ h = calloc(1, sizeof(struct ImagingHistogramInstance)); - strncpy(h->mode, im->mode, IMAGING_MODE_LENGTH); + strncpy(h->mode, im->mode, IMAGING_MODE_LENGTH-1); + h->mode[IMAGING_MODE_LENGTH-1] = 0; + h->bands = im->bands; h->histogram = calloc(im->pixelsize, 256 * sizeof(long)); diff --git a/src/libImaging/Palette.c b/src/libImaging/Palette.c index 31c2c0245..7aee6e8ee 100644 --- a/src/libImaging/Palette.c +++ b/src/libImaging/Palette.c @@ -37,7 +37,8 @@ ImagingPaletteNew(const char* mode) if (!palette) return (ImagingPalette) ImagingError_MemoryError(); - strncpy(palette->mode, mode, IMAGING_MODE_LENGTH); + strncpy(palette->mode, mode, IMAGING_MODE_LENGTH-1); + palette->mode[IMAGING_MODE_LENGTH-1] = 0; /* Initialize to ramp */ for (i = 0; i < 256; i++) {