CardReader::lsDive - buffer overflow during M20 command
TinkerGnome opened this issue · comments
TinkerGnome commented
The "M20" command uses this function to list all files on the sdcard.
The variable "path" is defined as
char path[13*2];
...but it concatenates up to 10 directory names in this buffer during the recursive calls (MAX_DIR_DEPTH):
strcat(path,prepend);
See:
cardreader.cpp - lines 64 to 89