From 3e4f0d1cda532e7b95774c0e69df6cfd2130878d Mon Sep 17 00:00:00 2001 From: Andrew Kesterson Date: Sat, 10 Jan 2026 08:41:06 -0500 Subject: [PATCH] Fix a possible buffer overflow in FAIL() when writing to the stacktrace buffer --- CMakeLists.txt | 2 +- include/akerror.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 8f85ad4..a0d41f2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ project(akerror LANGUAGES C) include(GNUInstallDirs) include(CMakePackageConfigHelpers) -set(AKERROR_USE_STDLIB 1 CACHE BOOL "Use C standard library for error logging") +set(AKERROR_USE_STDLIB 1 CACHE BOOL "Use the C standard library") set(akerror_install_cmakedir "${CMAKE_INSTALL_LIBDIR}/cmake/akerror") find_package(PkgConfig REQUIRED) diff --git a/include/akerror.h b/include/akerror.h index 246c19b..47e8bc6 100644 --- a/include/akerror.h +++ b/include/akerror.h @@ -154,7 +154,7 @@ void error_default_logger(const char *f, ...); snprintf((char *)__err_context->function, MAX_ERROR_FUNCTION_LENGTH, __func__); \ __err_context->lineno = __LINE__; \ snprintf((char *)__err_context->message, MAX_ERROR_CONTEXT_STRING_LENGTH, __message, ## __VA_ARGS__); \ - __err_context->stacktracebufptr += sprintf(__err_context->stacktracebufptr, "%s:%s:%d: %d (%s) : %s\n", (char *)__err_context->fname, (char *)__err_context->function, __err_context->lineno, __err_context->status, error_name_for_status(__err_context->status, NULL), __err_context->message); + __err_context->stacktracebufptr += snprintf(__err_context->stacktracebufptr, MAX_ERROR_STACKTRACE_BUF_LENGTH, "%s:%s:%d: %d (%s) : %s\n", (char *)__err_context->fname, (char *)__err_context->function, __err_context->lineno, __err_context->status, error_name_for_status(__err_context->status, NULL), __err_context->message); #define SUCCEED(__err_context) \