Closed ronaldoussoren closed 13 years ago
Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).
Good catch, thank you.
Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).
I've just committed a fix. As the documentation of _NSGetExecutablePath isn't too clear about always returning a NUL-terimated string I'm now allocating a buffer that is 1 byte longer than the size passed to _NSGetExecutablePath and I'm clearing said buffer before the call.
Original report by corwin_of_amber (Bitbucket: corwin_of_amber, ).
In py2app/apptemplate/src/main.c:517 :
According to official Apple docs (man 3 dyld), the function _NSGetExecutablePath sets 'bufsize' only when it fails, which means that inside the "then" clause, bufsize==PATH_MAX and this assignment violates array bounds.
Luckily, it appears _NSGetExecutablePath puts the null terminator correctly so this line can be removed.