|
From: | David Volgyes |
Subject: | [bug #33422] acorn.c: buffer access out of bounds |
Date: | Sun, 29 May 2011 08:19:22 +0000 |
User-agent: | Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 |
URL: <http://savannah.gnu.org/bugs/?33422> Summary: acorn.c: buffer access out of bounds Project: GNU GRUB Submitted by: dvolgyes Submitted on: Sun 29 May 2011 08:19:21 AM GMT Category: Disk & Partition Severity: Major Priority: 5 - Normal Item Group: Software Error Status: None Privacy: Public Assigned to: None Originator Name: Originator Email: Open/Closed: Open Discussion Lock: Any Release: Release: Bazaar - trunk Reproducibility: Every Time Planned Release: None _______________________________________________________ Details: In tar.gz of 1.99rc2 version: At grub-core/partmap/acorn.c:74 a for-loop tries to access 0x1ff elements in an array (boot.misc) which has only 0x1c0. (See grub_acorn_boot_block at the beginning of the same file.) (Found with cppcheck 1.47.) I do not know what is the expected behavior of this code-fragments but I am quite sure that this is a serious bug. _______________________________________________________ Reply to this item at: <http://savannah.gnu.org/bugs/?33422> _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/
[Prev in Thread] | Current Thread | [Next in Thread] |