|
From: | amodra at gmail dot com |
Subject: | [Bug gas/20896] AS: Buffer Overflow when expanding .irp directives |
Date: | Mon, 05 Dec 2016 00:41:14 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=20896 Alan Modra <amodra at gmail dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Last reconfirmed| |2016-12-05 CC| |amodra at gmail dot com Ever confirmed|0 |1 --- Comment #3 from Alan Modra <amodra at gmail dot com> --- The problem is that next_char_of_string() only returns NOT_A_CHAR for '\"'. NOT_A_CHAR is tested by is_a_char() in demand_copy_string() to determine the end of string. A NUL is not seen as the end of string.. ie. demand_copy_string() can merrily read off the end of input. -- You are receiving this mail because: You are on the CC list for the bug.
[Prev in Thread] | Current Thread | [Next in Thread] |