#578 buffer overflow while parsing 'define'

closed-fixed
nobody
None
5
2007-03-04
2007-01-20
Bert Wesarg
No

There is a buffer overflow when function names are longer than MAX_SYM_LEN (defined in interpret.h:36) in macro.c:readCheckMacroString(), line 865.
Besides this, this function doesn't check if the function name starts only with a letter, but I don't know whether this rule applies to function names.

Discussion

  • Bert Wesarg

    Bert Wesarg - 2007-01-22

    Logged In: YES
    user_id=122956
    Originator: YES

    Patch attached to prevent the buffer overflow and return an error message.
    File Added: fix-buffer-overflow-in-macro_c.patch

     
  • Tony Balinski

    Tony Balinski - 2007-01-25

    Logged In: YES
    user_id=618141
    Originator: NO

    I intend to check this in. It's definitely an improvement on the existing code.

     
  • Tony Balinski

    Tony Balinski - 2007-01-26

    Logged In: YES
    user_id=618141
    Originator: NO

    Checked in (added extra brace pair for clarity)

     
  • Tony Balinski

    Tony Balinski - 2007-03-01

    Logged In: YES
    user_id=618141
    Originator: NO

    Can we close this? (I can't do it myself.)

     
  • Thorsten Haude

    Thorsten Haude - 2007-03-04
    • status: open --> closed-fixed
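
The bounds check that the report and the patch comment describe, sketched as an added example; it is not the attached patch or NEdit's code. The value of MAX_SYM_LEN, the function names, the identifier alphabet and the error strings are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_SYM_LEN 100 /* assumed value; the report only names the constant */
static int is_ident_char(int c) { return isalnum(c) || c == '_'; } /* assumed alphabet */

/* Bug class from the report (illustrative, not NEdit's code): the loop is
 * bounded by the input only, so a long name writes past name[]. */
const char *read_name_unchecked(const char *in, char *name)
{
    while (is_ident_char((unsigned char)*in))
        *name++ = *in++;
    *name = '\0';
    return in;
}

/* Bounded form: measure, reject over-long names with a message, then copy.
 * Returns the position after the name, or NULL with *err set; cap >= 1. */
const char *read_name_checked(const char *in, char *name, size_t cap, const char **err)
{
    size_t len = 0;
    name[0] = '\0';
    while (is_ident_char((unsigned char)in[len])) {
        if (len + 1 >= cap) { /* one byte stays reserved for '\0' */
            *err = "function name too long";
            return NULL;
        }
        len++;
    }
    if (len == 0) {
        *err = "expected function name";
        return NULL;
    }
    memcpy(name, in, len);
    name[len] = '\0';
    *err = NULL;
    return in + len;
}

int main(void)
{
    char name[MAX_SYM_LEN], src[2 * MAX_SYM_LEN]; /* constructed input */
    const char *err;
    memset(src, 'f', sizeof src - 1);
    src[sizeof src - 1] = '\0';
    if (!read_name_checked(src, name, sizeof name, &err))
        printf("rejected: %s\n", err);
    return 0;
}
```

The boundary worth testing is a name of exactly MAX_SYM_LEN characters: it has no room for the terminator and must be rejected, while MAX_SYM_LEN - 1 characters must still be accepted.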
     
