From: | Antonio Ceballos |
Subject: | Re: Bug in return_append_str |
Date: | Mon, 3 Jul 2017 00:14:06 +0200 |
Hello,

There is a buffer overrun in return_append_str in src/frontend/lexpgn.cc at line 2224

    newloc = (char *) malloc(strlen(s))+1;

The line should read:

    newloc = (char *) malloc(strlen(s)+1);

We found this using static analysis using CodeSonar. I don’t have an actual path that will demonstrate this bug.

Regards,
Mark

--
Mark Hermeling | GrammaTech | Senior Director Product Marketing
mobile +1 (607) 351-5719 | www.grammatech.com
_______________________________________________
Bug-gnu-chess mailing list
address@hidden
https://lists.gnu.org/mailman/listinfo/bug-gnu-chess
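
Added example, not part of the original message and not GNU Chess code: the bounds arithmetic behind the two lines quoted above, plus a checked append helper that keeps the +1 inside the size argument. It assumes the statement after the allocation copies s and its terminating NUL into newloc (the message does not show that statement); overrun_bytes and append_str_checked are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bytes a copy of s (len chars plus NUL) writes past a block of `alloc`
   bytes when the copy starts `offset` bytes into it. No memory is
   touched here; this only does the bounds arithmetic. */
static size_t overrun_bytes(size_t len, size_t alloc, size_t offset)
{
    size_t end = offset + len + 1;
    return end > alloc ? end - alloc : 0;
}

/* Hypothetical helper (not GNU Chess code): returns a freshly allocated
   "dest followed by s", or NULL on overflow or allocation failure.
   dest may be NULL, s must not be. The caller frees the result. */
static char *append_str_checked(const char *dest, const char *s)
{
    size_t dlen = dest ? strlen(dest) : 0;
    size_t slen = strlen(s);
    char *newloc;

    if (slen > SIZE_MAX - dlen - 1)      /* dlen + slen + 1 would wrap */
        return NULL;
    newloc = malloc(dlen + slen + 1);    /* +1 inside the size argument */
    if (newloc == NULL)
        return NULL;
    if (dlen)
        memcpy(newloc, dest, dlen);
    memcpy(newloc + dlen, s, slen + 1);  /* copies the NUL as well */
    return newloc;                       /* base pointer, valid for free() */
}

int main(void)
{
    const char *s = "1. e4 e5";          /* constructed sample input */
    size_t n = strlen(s);
    char *r = append_str_checked("[Event] ", s);

    /* malloc(strlen(s))+1: n-byte block, pointer moved one byte in */
    printf("reported line: %zu byte(s) past the block\n", overrun_bytes(n, n, 1));
    /* malloc(strlen(s)+1): n+1-byte block, pointer at its base */
    printf("fixed line:    %zu byte(s) past the block\n", overrun_bytes(n, n + 1, 0));
    if (r) { puts(r); free(r); }
    return 0;
}
```

With the reported expression the pointer stored in newloc is also not the address malloc returned, so passing it to free() later is undefined behaviour in addition to the overrun.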