#304 Buffer overflow in atomic parsley

closed
phantomjinx
5
2012-07-09
2012-06-18
No

While building gtkpod 2.1.2 on open build service, the build root policy checker reports this error:

E: gtkpod bufferoverflow AtomicParsley.cpp:1891:42

The source in question is:

char* result = (char*) malloc(sizeof(char) * 6);
sprintf(result, "hex 0x");

=> the size of result needs to cater for a \0 in addition to "hex 0x", and thus needs to be 7 chars long.
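
The off-by-one reported above, as an added C example that is not part of the original ticket or of the gtkpod/AtomicParsley source. It sizes the buffer from the literal itself and uses bounded formatting that reports truncation; the helper names `bytes_needed`, `format_checked` and `make_hex_prefix` are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Helper names below are hypothetical, chosen for this illustration. */

/* Bytes a C string needs in memory: its characters plus the trailing '\0'. */
static size_t bytes_needed(const char *s) {
    return strlen(s) + 1;
}

/* Bounded formatting: returns 0 if the whole result (with '\0') fit in
 * dst[cap], -1 on an encoding error or if the output was truncated. */
static int format_checked(char *dst, size_t cap, const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    return (n >= 0 && (size_t)n < cap) ? 0 : -1;
}

/* Hardened form of the reported allocation: the size is derived from the
 * literal (sizeof counts the '\0', giving 7), not a hand-counted 6. */
static char *make_hex_prefix(void) {
    static const char prefix[] = "hex 0x";
    char *result = malloc(sizeof prefix);
    if (result == NULL)
        return NULL;
    if (format_checked(result, sizeof prefix, "%s", prefix) != 0) {
        free(result);
        return NULL;
    }
    return result;
}

int main(void) {
    char six[6];
    /* A 6-byte buffer is reported as too small instead of being overrun. */
    printf("6-byte buffer: %s\n",
           format_checked(six, sizeof six, "hex 0x") == 0 ? "fits" : "too small");
    char *p = make_hex_prefix();
    if (p == NULL)
        return 1;
    printf("allocated %zu bytes for \"%s\"\n", bytes_needed(p), p);
    free(p);
    return 0;
}
```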

Discussion

  • phantomjinx
    2012-06-27

    • assigned_to: nobody --> phantom_sf
     
  • phantomjinx
    2012-07-09

    • status: open --> closed
     
  • phantomjinx
    2012-07-09

    Fixed in 2.1.3 unstable