Bug in parse.c (1.8.2)

#21 Bug in parse.c (1.8.2)

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2014-08-28

Created: 2007-08-20

Creator: Anonymous

Private: No

If the config file is malformed, the parser may end up with "i" getting assigned -1. Since i is defined as an unsigned integer, it ends up as a positive value, which means the for loop using it will access unallocated memory.

This is a fix:

--- sudosh-1.8.2/src/parse.c 2005-06-12 18:22:42.000000000 -0500
+++ sudosh-1.8.2/src/parse.c-new 2007-08-20 12:39:17.000000000 -0500
@@ -19,7 +19,8 @@
void parse(option * o, const char *file)
{
FILE *f = fopen(file, "r");
- unsigned int line_number, i;
+ unsigned int line_number;
+ int i;
char line[BUFSIZ];
char *arg, *cmt, *opt;
config *scan;

Regards,
Vidar Hokstad <vidar@hokstad.com>

Discussion

gerhard lausser - 2007-09-12

Logged In: YES
user_id=613416
Originator: NO

look like project is dead. lot of bug and feature request not answered.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Josh Grebe - 2008-01-04

Logged In: YES
user_id=77213
Originator: NO

This project was abandoned, I have revived it as sudosh2.

http://sourceforge.net/projects/sudosh2/

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Bug in parse.c (1.8.2)

Group

Searches

Help

#21 Bug in parse.c (1.8.2)

Discussion