diff options
author | Frerich Raabe <raabe@froglogic.com> | 2016-02-09 08:43:51 +0100 |
---|---|---|
committer | Katja Marttila <katja.marttila@theqtcompany.com> | 2016-02-15 06:19:20 +0000 |
commit | a4b148435268ea0bd783a5b109b6a12c4850631b (patch) | |
tree | df985db6c95259b3c6ba6f40027e74569eb29aa9 /src/libs/installer | |
parent | b28809d33975397bbf56058854240baad2498f63 (diff) |
Fixed out of bounds access when calling su/sudo
The memory block allocated for the execv() arguments was too small,
causing subsequent code to invoke undefined behavior.
Change-Id: Ic0b1e03ddc07e3147ef0d920f18d86276b21e222
Reviewed-by: Katja Marttila <katja.marttila@theqtcompany.com>
Diffstat (limited to 'src/libs/installer')
-rw-r--r-- | src/libs/installer/adminauthorization_x11.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libs/installer/adminauthorization_x11.cpp b/src/libs/installer/adminauthorization_x11.cpp index 20eacf1cc..f451f344e 100644 --- a/src/libs/installer/adminauthorization_x11.cpp +++ b/src/libs/installer/adminauthorization_x11.cpp @@ -238,7 +238,7 @@ bool AdminAuthorization::execute(QWidget *parent, const QString &program, const for (int i = 3; i < static_cast<int>(rlp.rlim_cur); ++i) ::close(i); - char **argp = (char **) ::malloc(arguments.count() + 4 * sizeof(char *)); + char **argp = (char **) ::malloc((arguments.count() + 4) * sizeof(char *)); QList<QByteArray> args; args.push_back(SU_COMMAND); args.push_back("-b"); |