
[Chicken-hackers] [PATCH] Fix buffer overrun in substring-index[-ci]


From: Moritz Heidkamp
Subject: [Chicken-hackers] [PATCH] Fix buffer overrun in substring-index[-ci]
Date: Sun, 14 Dec 2014 23:41:34 +0100

Dear Chickeneers,

the attached patch fixes a potential buffer overrun in
substring-index[-ci] I ran into today (pun intended). See commit message
for details. I included a regression test but I'm not sure whether it's
ideal because it adds a dependency on object-evict to the
data-structures tests. Alternative ideas welcome. While I was at it I
also added a range check for the start index argument and got rid of the
square brackets :-)

I guess this might warrant a CVE?

Cheers
Moritz
-- 
bevuta IT GmbH - professional IT solutions
Marktstrasse 10 | http://www.bevuta.com/ | HRB 62476 AG Cologne
D-50968 Cologne | Tel.: +49 221 282678-0 | CEO: Pablo Beyen

Attachment: 0001-Fix-buffer-overrun-in-substring-index-ci.patch
Description: Text Data

Attachment: signature.asc
Description: PGP signature

