d/p/10:Add fix for possible string overflow

diff --git a/debian/patches/10_correct_format_output_size.patch b/debian/patches/10_correct_format_output_size.patch
new file mode 100644 (file)
index 0000000..11fbd88
--- /dev/null
+++ b/debian/patches/10_correct_format_output_size.patch
@@ -0,0 +1,19 @@
+Author: Gert Wollny <gw.fossdev@gmail.com>
+Description: Fix warning about writing beyond end of character array. 
+ Actually, the overflow is _very_unlikely, because having a series with 
+ more  then one million frames in a series is highly unlikely, but this 
+ fix has no relevant implications on the memory and runtime footprint of 
+ the code. 
+Last-Changed: 2017-09-06
+ 
+--- a/dcmnet/apps/storescp.cc
++++ b/dcmnet/apps/storescp.cc
+@@ -2470,7 +2470,7 @@
+     // determine the new file name: The first two characters of the old file name make up the [modality-prefix].
+     // The value for [consecutive-numbering] will be determined using the counter variable.
+     char modalityId[3];
+-    char newFileName[9];
++    char newFileName[13];
+     if (opt_timeNames)
+     {
+       // modality prefix are the first 2 characters after serial number (if present)

diff --git a/debian/patches/series b/debian/patches/series
index fe4144004b13b26a86e8dd9138e4c416acf2b4e6..17b50fc462f4fdfa65d80a286d0638f0c310244f 100644 (file)
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@
 07_dont_export_all_executables.patch
 08_remove_system_processor.patch
 09_fix_format_on_32bit.patch
+10_correct_format_output_size.patch