#20393: pstoedit 3.45 cmd line option -pagesize xx fails due to strcpy_s overflow ----------------------------+----------------------------------------------- Reporter: jwb@… | Owner: macports-tickets@… Type: defect | Status: new Priority: High | Milestone: Component: ports | Version: 1.7.1 Keywords: | Port: pstoedit ----------------------------+----------------------------------------------- When invoking pstoedit with the -pagesize xx (e.g. a0) cmd line option, strcpy_s (in cppcomp.h around line 244) fails with buffer overflow in strcpy_s error. appears that test at line 238 (tobecopied < de_size) fails as tobecopied == de_size (=2 in -pagesize a1 for example). Option works if changed to <= , but not sure this is best way as line 242 then pokes a terminator just past this, which to me seems beyond the end of allocated space. i.e. it looks as though IF line 242 is required, then de_size on invocation should be 1 greater than string length .. this probably has implications else where in the code. Could someone please comment.. I'll fix it if there are no better offers - What is best to do please? -- Ticket URL: <http://trac.macports.org/ticket/20393> MacPorts <http://www.macports.org/> Ports system for Mac OS