diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2019-07-03 13:49:59 +0000 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2019-08-26 12:50:26 +0000 |
commit | 7c894fc7fd1bcccbb9850ad1088c0f0ac006c427 (patch) | |
tree | cc374137c3189ef32aba165147758e69ab7ac7ff /src/device/device_ledger.cpp | |
parent | Merge pull request #5827 (diff) | |
download | monero-7c894fc7fd1bcccbb9850ad1088c0f0ac006c427.tar.xz |
device_ledger: add paranoid buffer overflow check
Coverity 200183
Diffstat (limited to 'src/device/device_ledger.cpp')
-rw-r--r-- | src/device/device_ledger.cpp | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/device/device_ledger.cpp b/src/device/device_ledger.cpp index eba633da8..2d91b881b 100644 --- a/src/device/device_ledger.cpp +++ b/src/device/device_ledger.cpp @@ -320,7 +320,9 @@ namespace hw { bool device_ledger::reset() { reset_buffer(); int offset = set_command_header_noopt(INS_RESET); - memmove(this->buffer_send+offset, MONERO_VERSION, strlen(MONERO_VERSION)); + const size_t verlen = strlen(MONERO_VERSION); + ASSERT_X(offset + verlen <= BUFFER_SEND_SIZE, "MONERO_VERSION is too long") + memmove(this->buffer_send+offset, MONERO_VERSION, verlen); offset += strlen(MONERO_VERSION); this->buffer_send[4] = offset-5; this->length_send = offset; |