From e00f517c39ea33002e74a9c31499651050bb25d4 Mon Sep 17 00:00:00 2001
From: Bertrand Bellenot
Date: Mon, 11 May 2026 11:01:47 +0200
Subject: [PATCH 1/2] Fix potential buffer overflow
As reported here: https://github.com/root-project/root/security/code-scanning/1845
- Fixes https://github.com/root-project/root/issues/22213
- Fixes https://github.com/root-project/root/security/code-scanning/1845
---
 net/net/src/TApplicationServer.cxx | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)
diff --git a/net/net/src/TApplicationServer.cxx b/net/net/src/TApplicationServer.cxx
index 7290197eb1de0..306bd5d837398 100644
--- a/net/net/src/TApplicationServer.cxx
+++ b/net/net/src/TApplicationServer.cxx
@@ -755,18 +755,13 @@ Int_t TApplicationServer::ReceiveFile(const char *file, Bool_t bin, Long64_t siz
 Int_t w;
 if (!bin) {
- Int_t k = 0, i = 0, j = 0;
- char *q;
- while (i < r) {
- if (p[i] == '\r') {
- i++;
- k++;
+ Int_t j = 0;
+ for (Int_t i = 0; i < r; ++i) {
+ if (p[i] != '\r') {
+ p[j++] = p[i];
 }
- cpy[j++] = buf[i++];
 }
- q = cpy;
- r -= k;
- w = write(fd, q, r);
+ w = write(fd, p, j);
 } else {
 w = write(fd, p, r);
 }
From 16f110059421cae32b95f911f19d926584019e67 Mon Sep 17 00:00:00 2001
From: Bertrand Bellenot
Date: Mon, 11 May 2026 12:18:14 +0200
Subject: [PATCH 2/2] Remove unused variable
---
 net/net/src/TApplicationServer.cxx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/net/src/TApplicationServer.cxx b/net/net/src/TApplicationServer.cxx
index 306bd5d837398..7121b71cdd805 100644
--- a/net/net/src/TApplicationServer.cxx
+++ b/net/net/src/TApplicationServer.cxx
@@ -737,7 +737,7 @@ Int_t TApplicationServer::ReceiveFile(const char *file, Bool_t bin, Long64_t siz
 }
 const Int_t kMAXBUF = 16384; //32768 //16384 //65536;
- char buf[kMAXBUF], cpy[kMAXBUF];
+ char buf[kMAXBUF];
 Int_t left, r;
 Long64_t filesize = 0;
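Review bot: In the `!bin` branch of the first patch's hunk (`@@ -755,18 +755,13 @@`), `r` is no longer reduced by the number of stripped `'\r'` bytes, whereas the removed code did `r -= k` before writing. The rest of ReceiveFile lies outside the hunk, but if it advances with something like `r -= w; p += w;`, then `r` stays positive after a full write of `j` bytes and the next pass would compact and write the stale tail of the buffer into the file. Setting the count explicitly keeps the bookkeeping consistent: `r = j;` followed by `w = write(fd, p, r);`. With that, a short write also stays correct, since the remaining bytes are already CR-free and the compaction is a no-op on them.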