Possible buffer overflow at hPatt_2_str

[kobi3028]

The function hPatt_2_str

char *hPatt_2_str(HammerPattern * h_patt, int fields){	
    static char patt_str[256];	
    char *dAddr_str;
    memset(patt_str, 0x00, 256);
    for (int i = 0; i < h_patt->len; i++) {		
          dAddr_str = dAddr_2_str(h_patt->d_lst[i], fields);		
          strcat(patt_str, dAddr_str);		
          if (i + 1 != h_patt->len) {			
               strcat(patt_str, "/");		
          }
    }	
    return patt_str;
}

The function does strcat with patt_str as the destination without checking the buffer limit,
that can cause to overflow of the p global pointer that will cause a segmentation fault

[tajiaodavid]

How can I solve this problem?

[kobi3028]

checking the buffer limit before calling to strcat, will solve the problem, you can use dynamic allocation in case 256 bytes is not large enough

[bygo7]

Oh same as mine, changing the allocation size from 256 to 1024 has solved the problem in my case.