Fixed wrong variable use that could trigger a potential buffer overflow.

While it could be used for running arbitrary code, it's not a security hole, since the attacker would have to get you to run arbitrary code you downloaded in the first place. :)
icculus · Jul 30, 2009 · c272ccb · c272ccb
1 parent 6510cc7
commit c272ccb
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/platform_unix.c b/platform_unix.c
@@ -954,7 +954,7 @@ void *MojoPlatform_dlopen(const uint8 *img, size_t len)
 
     for (i = 0; (i < STATICARRAYLEN(dirs)) && (retval == NULL); i++)
     {
-        if (testTmpDir(dirs[i], fname, len, tmpl))
+        if (testTmpDir(dirs[i], fname, sizeof (fname), tmpl))
         {
             const int fd = mkstemp(fname);
             if (fd != -1)