23a71fbe15337ff7a46ff9ab889bfed88f6849f6 angie Sun Nov 29 10:17:54 2020 -0800 vcfRenameAndPrune: prevent safecpy overflow in rare case by leaking a little memory. diff --git src/hg/utils/vcfRenameAndPrune/vcfRenameAndPrune.c src/hg/utils/vcfRenameAndPrune/vcfRenameAndPrune.c index 61a4240..a43f84b 100644 --- src/hg/utils/vcfRenameAndPrune/vcfRenameAndPrune.c +++ src/hg/utils/vcfRenameAndPrune/vcfRenameAndPrune.c @@ -118,31 +118,37 @@ // Alternate allele; if this is the first time we've seen this one, add it to // newAlts. int oldAltIx = alIx - 1; int newAltIx = altIxOldToNew[oldAltIx]; if (newAltIx < 0) { newAltIx = newAltCount++; newAlts[newAltIx] = alts[oldAltIx]; newAltCounts[newAltIx] = 1; altIxOldToNew[oldAltIx] = newAltIx; } else newAltCounts[newAltIx]++; // Update gt, i.e. words[keeperColumns[i]], with the new allele index. int newAlIx = newAltIx + 1; - safef(gt, strlen(gt)+1, "%d", newAlIx); + char newGt[16]; + safef(newGt, sizeof newGt, "%d", newAlIx); + if (strlen(newGt) <= strlen(gt)) + safecpy(gt, strlen(gt)+1, newGt); + else + // Extremely rare: single-digit ix to double-digit ix. Leak a little mem. + words[keeperColumns[i]] = cloneString(newGt); } } } if (newAltCount > 0) { // Write out line with updated alts, info, genotype columns fprintf(outF, "%s\t%s\t%s\t%s\t%s", words[0], words[1], words[2], words[3], newAlts[0]); for (i = 1; i < newAltCount; i++) fprintf(outF, ",%s", newAlts[i]); fprintf(outF, "\t%s\t%s\tAC=%d", words[5], words[6], newAltCounts[0]); for (i = 1; i < newAltCount; i++) fprintf(outF, ",%d", newAltCounts[i]); fprintf(outF, ";AN=%d\tGT", totalCalls); for (i = 0; i < keeperCount; i++)