String copy function overflows destination buffer.
strcat(str, "LinkKey ");
^~~~~~~~~~~~~~~~~~~~~~~
---
monitor/l2cap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/monitor/l2cap.c b/monitor/l2cap.c
index 6d9b1ce..27341fd 100644
--- a/monitor/l2cap.c
+++ b/monitor/l2cap.c
@@ -2379,7 +2379,7 @@ static void print_smp_auth_req(uint8_t auth_req)
static void print_smp_key_dist(const char *label, uint8_t dist)
{
- char str[19];
+ char str[27];
if (!(dist & 0x07)) {
strcpy(str, "<none> ");
--
1.9.1
Hi Gowtham,
On Mon, Dec 15, 2014, Gowtham Anandha Babu wrote:
> String copy function overflows destination buffer.
> strcat(str, "LinkKey ");
> ^~~~~~~~~~~~~~~~~~~~~~~
> ---
> monitor/l2cap.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Applied. Thanks.
Johan