From 96976105f3dc50bdc75cd23b5d163373a6c4d02f Mon Sep 17 00:00:00 2001

From: Mohammed Sadiq <sadiq@sadiqpk.org>

Date: Fri, 5 May 2017 17:40:33 +0530

Subject: [PATCH 1/3] hostname-helper: don't read past '\0'

g_utf8_find_next_char() doesn't do checks whether the char

is '\0' or not. We have to take care of that ourself.

This commit fixes heap-buffer-overflow found by test-hostname

ERROR: AddressSanitizer: heap-buffer-overflow on address

READ of size 1 at 0x60200000cd76 thread T0

 #0 0x7f8b26920d08 in g_utf8_find_next_char glib/glib/gutf8.c:179

 #1 0x55c2b8eacaee in pretty_hostname_to_ssid gnome-control-center/shell/hostname-helper.c:199

https://bugzilla.gnome.org/show_bug.cgi?id=782216

---

 shell/hostname-helper.c | 3 +++

 1 file changed, 3 insertions(+)

diff --git a/shell/hostname-helper.c b/shell/hostname-helper.c

index 45baf5184..ab889b96b 100644

--- a/shell/hostname-helper.c

+++ b/shell/hostname-helper.c

@@ -208,6 +208,9 @@ pretty_hostname_to_ssid (const char *pretty)

 			break;

 		}

+		if (*p == '\0')

+			break;

+

 		prev = p;

 	}

-- 

2.12.2