aboutsummaryrefslogtreecommitdiff
path: root/src/device
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-06-23 15:26:22 +0100
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2018-06-23 15:28:45 +0100
commit3b4dec2d12f571a845c56ec02ba3d03bcaea5569 (patch)
tree8128c19ca4ee4ca65115bd638620effc5ea85374 /src/device
parentMerge pull request #3939 (diff)
downloadmonero-3b4dec2d12f571a845c56ec02ba3d03bcaea5569.tar.xz
device_ledger: fix potential buffer overflow from bad size calc
Diffstat (limited to '')
-rw-r--r--src/device/device_ledger.cpp6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/device/device_ledger.cpp b/src/device/device_ledger.cpp
index aedaf8382..94cb3db89 100644
--- a/src/device/device_ledger.cpp
+++ b/src/device/device_ledger.cpp
@@ -194,7 +194,8 @@ namespace hw {
this->buffer_send[3],
this->buffer_send[4]
);
- buffer_to_str(strbuffer+strlen(strbuffer), sizeof(strbuffer), (char*)(this->buffer_send+5), this->length_send-5);
+ const size_t len = strlen(strbuffer);
+ buffer_to_str(strbuffer+len, sizeof(strbuffer)-len, (char*)(this->buffer_send+5), this->length_send-5);
MDEBUG( "CMD :" << strbuffer);
}
}
@@ -206,7 +207,8 @@ namespace hw {
this->buffer_recv[this->length_recv-2],
this->buffer_recv[this->length_recv-1]
);
- buffer_to_str(strbuffer+strlen(strbuffer), sizeof(strbuffer), (char*)(this->buffer_recv), this->length_recv-2);
+ const size_t len = strlen(strbuffer);
+ buffer_to_str(strbuffer+len, sizeof(strbuffer)-len, (char*)(this->buffer_recv), this->length_recv-2);
MDEBUG( "RESP :" << strbuffer);
}