bug-tar
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-tar] [Fwd: Bug#377557: tar: bufferover flow in tests/genfile.c]

From: Bdale Garbee
Subject: [Bug-tar] [Fwd: Bug#377557: tar: bufferover flow in tests/genfile.c]
Date: Mon, 31 Jul 2006 09:13:28 -0600 
FYI, a buffer overflow fix in the test suite discovered while diagnosing
amd64 test suite problems in Debian.

Bdale
--- Begin Message --- Subject: Bug#377557: tar: bufferover flow in tests/genfile.c Date: Mon, 10 Jul 2006 01:47:02 +0200 User-agent: Mutt/1.4.2.1i 
Package: tar
Version: 1.15.91-2
Tags: patch

Hi,

When searching for problems why the testsuite failed, I came
acrross an error where there is a buffer overflow in genfile.c

Here is the patch:
--- tests/genfile.c.old 2006-07-10 01:37:52.000000000 +0200
+++ tests/genfile.c     2006-07-10 01:38:04.000000000 +0200
@@ -708,7 +708,7 @@
      (without dash) */
   exec_argc++;
   exec_argv = xrealloc (exec_argv, exec_argc * sizeof (*exec_argv));
-  memmove (exec_argv+2, exec_argv+1, (exec_argc-1)*sizeof (*exec_argv));
+  memmove (exec_argv+2, exec_argv+1, (exec_argc-2)*sizeof (*exec_argv));
   exec_argv[1] = "--checkpoint";

 #ifdef SIGCHLD


Starting from exec_argv+2, you only have exec_argc-2
pointers free left.  The first 2 elements aren't touched.

Since this is only used in the testsuite, this probably
isn't a big problem.


Kurt

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]