From be11603dc224345a1b75e8cdf7b0c5396db0d94d Mon Sep 17 00:00:00 2001
From: Bastien Montagne <bastien@blender.org>
Date: Wed, 16 Sep 2020 14:37:03 +0200
Subject: Fix (unreported) buffer overflow in Cycles' system_cpu_brand_string
 helper.

Since this buffer is used as an array of 12 32bits integers, and C++
`string` expect a NULL-terminated C-string, we need an extra char to
ensure last one is always NULL.

See D8906. Found while investigating T80657.
---
 intern/cycles/util/util_system.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'intern/cycles')

diff --git a/intern/cycles/util/util_system.cpp b/intern/cycles/util/util_system.cpp
index 6d32153209a..2c1716ce515 100644
--- a/intern/cycles/util/util_system.cpp
+++ b/intern/cycles/util/util_system.cpp
@@ -166,7 +166,7 @@ static void __cpuid(int data[4], int selector)
 
 string system_cpu_brand_string()
 {
-  char buf[48] = {0};
+  char buf[49] = {0};
   int result[4] = {0};
 
   __cpuid(result, 0x80000000);
-- 
cgit v1.2.3