bug-gnu-utils

Parfait analysis of GNU sed 4.2.2


From: Rich Burridge
Subject: Parfait analysis of GNU sed 4.2.2
Date: Thu, 14 Feb 2013 10:10:48 -0800
User-agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/17.0 Thunderbird/17.0

Hi,

I'm in the process of updating the version of GNU sed that's in
the Oracle Solaris O/S to 4.2.2. Part of this update requires
a security audit, including running the Parfait static code analysis
tool on the GNU sed code.

For more information on Parfait, see the paper:

http://labs.oracle.com/projects/downunder/publications/pepm09.pdf

Anyhoo, Parfait found the following error:

Error: Buffer overrun
Buffer overflow (CWE 120): In array dereference of ((char*)(word_limit + -1))[12] with index '-1+12'
      Array size is 32000 bytes, -1+12 is -20
at line 257 of components/sed/sed-4.2.2/sed/fmt.c in function 'get_paragraph'.
Read outside array bounds (CWE 125): In array dereference of ((char*)(word_limit + -1))[12] with index '-1+12'
      Array size is 32000 bytes, -1+12 is -20
at line 257 of components/sed/sed-4.2.2/sed/fmt.c in function 'get_paragraph'.

You might wish to review this and see if it is a real problem that
needs addressing (as opposed to a false positive).

Thanks.
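
The arithmetic in the report above can be reproduced with a small model, added here as an example; it is not code from GNU sed or from the original message. It assumes a 32-byte array element with a one-byte field at offset 12 and a 1000-element array, a layout inferred from the reported 32000 bytes and from reading "-1+12 is -20" as -1 * 32 + 12; every name in it is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the array element: 32 bytes with a one-byte
   flag at offset 12, chosen only to match the numbers in the report. */
struct word {
    uint32_t a, b, c;      /* bytes 0..11 (hypothetical fields) */
    uint8_t  flag;         /* byte 12: the field the report indexes */
    uint8_t  rest[19];     /* pads the element to 32 bytes */
};
_Static_assert(sizeof(struct word) == 32, "element must be 32 bytes");
_Static_assert(offsetof(struct word, flag) == 12, "flag must sit at 12");

#define NWORDS 1000        /* 1000 * 32 = 32000 bytes, as reported */
static struct word words[NWORDS];

/* Byte offset from the array base of limit[-1].flag, where limit is
   &words[count]. Computed on integers so no invalid pointer is formed. */
long prev_flag_offset(long count)
{
    return (count - 1) * (long)sizeof(struct word)
           + (long)offsetof(struct word, flag);
}

/* True when that byte lies inside the array. */
int prev_flag_in_bounds(long count)
{
    long off = prev_flag_offset(count);
    return off >= 0 && off < (long)sizeof(words);
}

/* Guarded form of "set the flag on the last stored word": refuses when
   no word has been stored, the case the report describes. */
int mark_last_word(long count)
{
    if (!prev_flag_in_bounds(count))
        return -1;
    words[count - 1].flag = 1;
    return 0;
}

int main(void)
{
    printf("count=0 -> offset %ld\n", prev_flag_offset(0));
    printf("count=1 -> offset %ld\n", prev_flag_offset(1));
    return 0;
}
```

Whether the reported access is reachable depends on whether the limit pointer can still equal the array base at that line, which is what a reviewer of the finding has to establish.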



