search

ronaldoussoren / py2app

py2app is a Python setuptools command which will allow you to make standalone Mac OS X application bundles and plugins from Python scripts.
Other
344 stars 36 forks source link

Possible Stack Overflow in setExecutablePath #5

Closed ronaldoussoren closed 13 years ago

ronaldoussoren commented 13 years ago

Original report by corwin_of_amber (Bitbucket: corwin_of_amber, ).

In py2app/apptemplate/src/main.c:517 :

    if (!_NSGetExecutablePath(executable_path, &bufsize)) {
        executable_path[bufsize] = '\0';

According to official Apple docs (man 3 dyld), the function _NSGetExecutablePath sets 'bufsize' only when it fails, which means that inside the "then" clause, bufsize==PATH_MAX and this assignment violates array bounds.

Luckily, it appears _NSGetExecutablePath puts the null terminator correctly so this line can be removed.

ronaldoussoren commented 13 years ago

Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).

Good catch, thank you.

ronaldoussoren commented 13 years ago

Original comment by Ronald Oussoren (Bitbucket: ronaldoussoren, GitHub: ronaldoussoren).

I've just committed a fix. As the documentation of _NSGetExecutablePath isn't too clear about always returning a NUL-terimated string I'm now allocating a buffer that is 1 byte longer than the size passed to _NSGetExecutablePath and I'm clearing said buffer before the call.