From d80bc25ebacc0fe1ba40ab836e03e6590156aecc Mon Sep 17 00:00:00 2001
From: Yu-Chen Lin <npes87184@gmail.com>
Date: Sat, 4 Dec 2021 11:11:30 +0800
Subject: [PATCH] Fix overflow in memcpy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In function ‘memcpy’,
    inlined from ‘control_msg_serialize.constprop’ at ../app/src/control_msg.c:77:5,
    inlined from ‘run_controller’ at ../app/src/controller.c:69:12:
        /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34:10:
        warning: ‘__builtin___memcpy_chk’ writing 262138 bytes into a region
        of size 262130 overflows the destination [-Wstringop-overflow=]
   return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));

Refs 901d8371655582b432d5d92430177a59df8058b9
PR #2859 <https://github.com/Genymobile/scrcpy/pull/2859>

Signed-off-by: Yu-Chen Lin <npes87184@gmail.com>
Signed-off-by: Romain Vimont <rom@rom1v.com>
---
 app/src/control_msg.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/src/control_msg.h b/app/src/control_msg.h
index 6f1824bb..7f3235d7 100644
--- a/app/src/control_msg.h
+++ b/app/src/control_msg.h
@@ -14,8 +14,8 @@
 #define CONTROL_MSG_MAX_SIZE (1 << 18) // 256k
 
 #define CONTROL_MSG_INJECT_TEXT_MAX_LENGTH 300
-// type: 1 byte; paste flag: 1 byte; length: 4 bytes
-#define CONTROL_MSG_CLIPBOARD_TEXT_MAX_LENGTH (CONTROL_MSG_MAX_SIZE - 6)
+// type: 1 byte; sequence: 8 bytes; paste flag: 1 byte; length: 4 bytes
+#define CONTROL_MSG_CLIPBOARD_TEXT_MAX_LENGTH (CONTROL_MSG_MAX_SIZE - 14)
 
 #define POINTER_ID_MOUSE UINT64_C(-1)
 #define POINTER_ID_VIRTUAL_FINGER UINT64_C(-2)