Possible Stack Overflow in setExecutablePath

Issue #5 resolved
created an issue

In py2app/apptemplate/src/main.c:517 : {{{ if (!_NSGetExecutablePath(executable_path, &bufsize)) { executable_path[bufsize] = '\0'; }}} According to official Apple docs (man 3 dyld), the function _NSGetExecutablePath sets 'bufsize' only when it fails, which means that inside the "then" clause, bufsize==PATH_MAX and this assignment violates array bounds.

Luckily, it appears _NSGetExecutablePath puts the null terminator correctly so this line can be removed.

Comments (2)

  1. Ronald Oussoren repo owner

    I've just committed a fix. As the documentation of _NSGetExecutablePath isn't too clear about always returning a NUL-terimated string I'm now allocating a buffer that is 1 byte longer than the size passed to _NSGetExecutablePath and I'm clearing said buffer before the call.

  2. Log in to comment