[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heap-buffer-overflow in valid_parameter_transform

From: Chet Ramey
Subject: Re: Heap-buffer-overflow in valid_parameter_transform
Date: Wed, 31 Aug 2022 15:37:01 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.2.0

On 8/31/22 3:34 PM, Ivan Kapranov wrote:
Are you sure?
The patch i have attached fixes a buffer overflow if the xform is a single character string.

The xform is always a single-character string. xform[1] had better be the
'\0' that terminates it. If it's not, the xform is invalid. Nothing you've
sent me demonstrates a case where that function gets a null string as its

``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]