#304 Buffer overflow in atomic parsley

closed
5
2012-07-09
2012-06-18
No

While building gtkpod 2.1.2 on open build service, the build root policy checker reports this error:

E: gtkpod bufferoverflow AtomicParsley.cpp:1891:42

The source in question is:

char* result = (char*) malloc(sizeof(char) * 6);
sprintf(result, "hex 0x");

=> the size of result needs to cater for a \0 in plus to "hex 0x", thus needs to be 7 chars long.

Discussion

  • phantomjinx

    phantomjinx - 2012-06-27
    • assigned_to: nobody --> phantom_sf
     
  • phantomjinx

    phantomjinx - 2012-07-09
    • status: open --> closed
     
  • phantomjinx

    phantomjinx - 2012-07-09

    Fixed in 2.1.3 unstable

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks