It seems a pretty unlikely scenario to trigger this, but the following code in device_info_from_device_record() and get_next_event() can leave udid unterminated:

Later in usbmuxd_get_device_by_udid(), udid is strcpy()d, which could cause all sorts of chaos.

I believe a well-formed serial number should be 40 chars, so the fix (in both locations) is simple:

This might be a security issue if usbmuxd forwards notifications from potentially malicious devices. I believe any such device would need to be physically connected to USB, so exposure is limited.
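
The failure mode described in this report, as an added example that is not part of the original report and is not the library's code: a fixed-size copy that leaves udid without a NUL, next to a copy that always terminates. The 41-byte buffer, the strncpy() pattern, the struct and the function names are assumptions made for illustration, since the report's own snippets are not reproduced here.

```c
#include <stdio.h>
#include <string.h>

#define UDID_LEN 40  /* assumption: 40-char serial, as stated in the report */

/* Hypothetical stand-in for a device-info record; not the library's struct. */
struct dev_info { char udid[UDID_LEN + 1]; };

/* Assumed faulty pattern: the bound equals the buffer size, so a source of
 * 41 or more bytes fills udid completely and no NUL is written. */
static void copy_udid_unsafe(struct dev_info *d, const char *serial)
{
    strncpy(d->udid, serial, sizeof(d->udid));
}

/* Hardened copy: at most UDID_LEN bytes, always terminated.
 * Returns 0 if the serial fit, -1 if it was truncated. */
static int copy_udid_safe(struct dev_info *d, const char *serial)
{
    const char *end = memchr(serial, '\0', sizeof(d->udid));
    size_t n = end ? (size_t)(end - serial) : UDID_LEN;

    memcpy(d->udid, serial, n);
    d->udid[n] = '\0';
    return end ? 0 : -1;
}

/* Bounded check that never reads past the buffer, unlike strlen()/strcpy(). */
static int udid_is_terminated(const struct dev_info *d)
{
    return memchr(d->udid, '\0', sizeof(d->udid)) != NULL;
}

int main(void)
{
    /* Constructed sample: a 48-character serial, longer than a well-formed one. */
    const char *serial = "0123456789abcdef0123456789abcdef0123456789abcdef";
    struct dev_info d;

    copy_udid_unsafe(&d, serial);
    printf("unsafe copy terminated: %d\n", udid_is_terminated(&d));

    int rc = copy_udid_safe(&d, serial);
    printf("safe copy terminated: %d, rc=%d, udid=%s\n",
           udid_is_terminated(&d), rc, d.udid);
    return 0;
}
```

The -1 return lets the caller reject or log an over-long serial instead of silently accepting a truncated identifier.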