From ba47f169caf691dc38a530e86748a7769657b403 Mon Sep 17 00:00:00 2001 From: harry Date: Mon, 16 Jan 2023 09:44:32 -0500 Subject: [PATCH] Fixed stack buffer overflow in Qt GUI loading a ROM with a large filepath from file dialog. --- src/drivers/Qt/main.cpp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/drivers/Qt/main.cpp b/src/drivers/Qt/main.cpp index 1974ac29..1704a5d6 100644 --- a/src/drivers/Qt/main.cpp +++ b/src/drivers/Qt/main.cpp @@ -43,26 +43,27 @@ static void MessageOutput(QtMsgType type, const QMessageLogContext &context, con switch (type) { case QtDebugMsg: - sprintf( cmsg, "Qt Debug: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); + snprintf( cmsg, sizeof(cmsg), "Qt Debug: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); FCEUD_Message(cmsg); break; case QtInfoMsg: - sprintf( cmsg, "Qt Info: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); + snprintf( cmsg, sizeof(cmsg), "Qt Info: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); FCEUD_Message(cmsg); break; case QtWarningMsg: - sprintf( cmsg, "Qt Warning: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); + snprintf( cmsg, sizeof(cmsg), "Qt Warning: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); FCEUD_Message(cmsg); break; case QtCriticalMsg: - sprintf( cmsg, "Qt Critical: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); + snprintf( cmsg, sizeof(cmsg), "Qt Critical: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); FCEUD_PrintError(cmsg); break; case QtFatalMsg: - sprintf( cmsg, "Qt Fatal: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); + snprintf( cmsg, sizeof(cmsg), "Qt Fatal: %s (%s:%u, %s)\n", localMsg.constData(), file, context.line, function); FCEUD_PrintError(cmsg); break; } + cmsg[sizeof(cmsg)-1] = 0; fprintf(stderr, "%s", cmsg ); }