project: Fix potential buffer write-past-end for version components

This fixes two errors: not accounting for the trailing null and a misunderstanding of what std::numeric_limits::digits10 means.
author: Craig Scott <craig.scott@crascit.com> 2019-10-26 05:30:22 (GMT)
committer: Craig Scott <craig.scott@crascit.com> 2019-10-26 06:50:24 (GMT)
commit: 82cdb26c93b595e3791818cc8f24dfc6935eb8a8 (patch)
tree: 8fc2cf3057d0bbbcf05adb9bf1400cae66ddbcb4 /Source/cmProjectCommand.cxx
parent: 15a0b0d04660fdec8c231ec4d1054ff5f5274610 (diff)
download: CMake-82cdb26c93b595e3791818cc8f24dfc6935eb8a8.zip
CMake-82cdb26c93b595e3791818cc8f24dfc6935eb8a8.tar.gz
CMake-82cdb26c93b595e3791818cc8f24dfc6935eb8a8.tar.bz2
1 files changed, 2 insertions, 1 deletions
diff --git a/Source/cmProjectCommand.cxx b/Source/cmProjectCommand.cxx
index eb59b4f..7bb5209 100644
--- a/Source/cmProjectCommand.cxx
+++ b/Source/cmProjectCommand.cxx
@@ -224,7 +224,8 @@ bool cmProjectCommand(std::vector<std::string> const& args,
     std::array<std::string, MAX_VERSION_COMPONENTS> version_components;
 
     if (cmp0096 == cmPolicies::OLD || cmp0096 == cmPolicies::WARN) {
-      char vb[MAX_VERSION_COMPONENTS][std::numeric_limits<unsigned>::digits10];
+      char vb[MAX_VERSION_COMPONENTS]
+             [std::numeric_limits<unsigned>::digits10 + 2];
       unsigned v[MAX_VERSION_COMPONENTS] = { 0, 0, 0, 0 };
       const int vc = std::sscanf(version.c_str(), "%u.%u.%u.%u", &v[0], &v[1],
                                  &v[2], &v[3]);
author	Craig Scott <craig.scott@crascit.com>	2019-10-26 05:30:22 (GMT)
committer	Craig Scott <craig.scott@crascit.com>	2019-10-26 06:50:24 (GMT)
commit	82cdb26c93b595e3791818cc8f24dfc6935eb8a8 (patch)
tree	8fc2cf3057d0bbbcf05adb9bf1400cae66ddbcb4 /Source/cmProjectCommand.cxx
parent	15a0b0d04660fdec8c231ec4d1054ff5f5274610 (diff)
download	CMake-82cdb26c93b595e3791818cc8f24dfc6935eb8a8.zip CMake-82cdb26c93b595e3791818cc8f24dfc6935eb8a8.tar.gz CMake-82cdb26c93b595e3791818cc8f24dfc6935eb8a8.tar.bz2