[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[avrdude-dev] [bug #54159] Buffer overflow in usbtiny.c
From: |
anonymous |
Subject: |
[avrdude-dev] [bug #54159] Buffer overflow in usbtiny.c |
Date: |
Wed, 20 Jun 2018 16:47:59 -0400 (EDT) |
User-agent: |
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 |
URL:
<http://savannah.nongnu.org/bugs/?54159>
Summary: Buffer overflow in usbtiny.c
Project: AVR Downloader/UploaDEr
Submitted by: None
Submitted on: Wed 20 Jun 2018 08:47:58 PM UTC
Category: None
Severity: 3 - Normal
Priority: 5 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Originator Name: Marius Greuel
Originator Email: address@hidden
Open/Closed: Open
Release: 6.3
Discussion Lock: Any
Programmer hardware: usbtiny
Device type: t85
_______________________________________________________
Details:
There is a bug in usbtiny_paged_load() that causes a read/verify operation to
overflow the flash memory buffer and crash the application.
The chunk being read is always 128, regardless of the actual bytes requested
or bytes left.
See patch.txt for details.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Wed 20 Jun 2018 08:47:58 PM UTC Name: patch.txt Size: 791B By: None
<http://savannah.nongnu.org/bugs/download.php?file_id=44398>
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?54159>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [avrdude-dev] [bug #54159] Buffer overflow in usbtiny.c,
anonymous <=