From d66f24cfe30d26e03863a78de9fd58bb3b65ed43 Mon Sep 17 00:00:00 2001
From: Campbell Barton <campbell@blender.org>
Date: Sun, 30 Oct 2022 15:34:02 +1100
Subject: Fix potential buffer overflow with BLI_path_slash_ensure use

BLI_path_slash_ensure was appending to fixed sized buffers without
a size check.
---
 source/blender/editors/space_buttons/buttons_ops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source/blender/editors/space_buttons')

diff --git a/source/blender/editors/space_buttons/buttons_ops.c b/source/blender/editors/space_buttons/buttons_ops.c
index a9ce9a3d723..4013288b13b 100644
--- a/source/blender/editors/space_buttons/buttons_ops.c
+++ b/source/blender/editors/space_buttons/buttons_ops.c
@@ -205,7 +205,7 @@ static int file_browse_exec(bContext *C, wmOperator *op)
 
     if (BLI_is_dir(path)) {
       /* Do this first so '//' isn't converted to '//\' on windows. */
-      BLI_path_slash_ensure(path);
+      BLI_path_slash_ensure(path, sizeof(path));
       if (is_relative) {
         BLI_path_rel(path, BKE_main_blendfile_path(bmain));
         str_len = strlen(path);
-- 
cgit v1.2.3