Bug 107166

Summary: draglock.c:134:2: warning: 'memset' writing 4112 bytes into a region of size 1028 overflows the destination
Product: xorg
Component: Input/libinput
Reporter: Martin Liska <mliska>
Assignee: Peter Hutterer <peter.hutterer>
QA Contact: Xorg Project Team <xorg-team>
CC: peter.hutterer
Status: RESOLVED FIXED
Severity: normal
Priority: medium
Version: unspecified
Hardware: Other
OS: All
Attachments: patch candidate (flags: none)

Description Martin Liska 2018-07-09 12:19:47 UTC
Building with LTO, I see the following warning:

In function 'draglock_get_pairs.constprop',
    inlined from 'LibinputInitDragLockProperty' at xf86libinput.c:5328:8:
draglock.c:134:2: warning: 'memset' writing 4112 bytes into a region of size 1028 overflows the destination [-Wstringop-overflow=]
  memset(array, 0, sz * sizeof(array[0]));
  ^
Comment 1 Martin Liska 2018-07-09 12:20:42 UTC
Created attachment 140521
patch candidate

There's a missing division by the size of the array element.
Comment 2 Peter Hutterer 2018-07-10 01:25:55 UTC
Sent a slightly more extensive patch to the list to avoid future ambiguities there, please see here:
https://patchwork.freedesktop.org/patch/237418/
Comment 3 Martin Liska 2018-07-10 07:39:15 UTC
(In reply to Peter Hutterer from comment #2)
> Sent a slightly more extensive patch to the list to avoid future ambiguities
> there, please see here:
> https://patchwork.freedesktop.org/patch/237418/

Thanks for the fix.
Comment 4 Peter Hutterer 2018-07-11 00:58:37 UTC
commit 0909a1a76546284f27fb1b17a6f545a04537cc36
Author: Peter Hutterer <>
Date:   Tue Jul 10 11:17:50 2018 +1000

     draglock: fix memory overwrite during draglock parsing
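
Added example, not part of the bug report and not the driver's code: the size confusion diagnosed in comment 1, reproduced with the warning's numbers, next to a callee that refuses a request larger than its destination. The names bytes_cleared, clear_pairs, ARRAY_LENGTH and NPAIRS are hypothetical, and 4-byte elements are assumed (4112 / 1028 = 4).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Element count of a true array; wrong if 'a' has decayed to a pointer. */
#define ARRAY_LENGTH(a) (sizeof(a) / sizeof((a)[0]))

/* Inferred from the warning: 1028-byte destination of 4-byte elements. */
#define NPAIRS 257

/* Bytes a memset(array, 0, sz * sizeof(array[0])) would write for this sz. */
size_t bytes_cleared(size_t sz, size_t elem_size)
{
    return sz * elem_size;
}

/* Hypothetical hardened callee: nelem is an element count, capacity is the
 * destination size in bytes. Returns 0 on success, -1 if the request would
 * run past the destination (or the multiplication would wrap). */
int clear_pairs(int32_t *array, size_t nelem, size_t capacity)
{
    if (array == NULL || nelem > SIZE_MAX / sizeof(array[0]))
        return -1;
    if (nelem * sizeof(array[0]) > capacity)
        return -1;
    memset(array, 0, nelem * sizeof(array[0]));
    return 0;
}

int main(void)
{
    int32_t pairs[NPAIRS];

    /* Caller confusion from the report: byte size passed as element count. */
    printf("sz = sizeof(pairs):       %zu bytes\n",
           bytes_cleared(sizeof(pairs), sizeof(pairs[0])));
    /* With the missing division restored. */
    printf("sz = ARRAY_LENGTH(pairs): %zu bytes\n",
           bytes_cleared(ARRAY_LENGTH(pairs), sizeof(pairs[0])));

    printf("byte size as count -> %d\n",
           clear_pairs(pairs, sizeof(pairs), sizeof(pairs)));
    printf("element count      -> %d\n",
           clear_pairs(pairs, ARRAY_LENGTH(pairs), sizeof(pairs)));
    return 0;
}
```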
