[bug #23029] autogsdoc buffer overflow in gnustep-base 1.14.2 and 1.14.3
[bug #23029] autogsdoc buffer overflow in gnustep-base 1.14.2 and 1.14.3 on Rhel 5
Tue, 10 Jun 2008 11:25:42 +0000
Update of bug #23029 (project gnustep):
Status: Need Info => Fixed
Open/Closed: Open => In Test
Follow-up Comment #3:
#5 0x00000039388e90bb in __realpath_chk (buf=0x66c8 <Address 0x66c8 out
resolved=0x66c8 <Address 0x66c8 out of bounds>, resolvedlen=6) at
#6 0x00002aaaaacd96af in -[NSString stringByResolvingSymlinksInPath]
Tells me that the problem is detected in the libc realpath() function.
Now, as far as I can see, the only way this can have a problem is if the
output buffer supplied to the function is not large enough to hold the
The code was defaulting to using 1024 if MAX_PATH was not defined, so I've
changed it to refrain from using realpath() in that situation.
Please could you update using the code from subversion, and see if this fixes
the problem and let me know (you can email direct to richard at
tiptree.demon.co.uk if you are still having problems with email filtering).
Message sent via/by Savannah
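The failure mode discussed in the comment above (a fixed-size output buffer handed to realpath() when the platform's path limit is unknown) can be avoided by letting libc allocate the result. This is an added example, not code from gnustep-base; the name resolve_path is hypothetical, and it assumes a libc that implements the POSIX.1-2008 behaviour of realpath(path, NULL).

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* request POSIX.1-2008 declarations */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical helper (not part of gnustep-base): resolve symlinks in
 * 'path' and copy the result into 'out', which holds 'outlen' bytes.
 *
 * realpath() is never given a caller-sized buffer. Passing NULL makes
 * libc allocate a buffer that is large enough, so no guess such as
 * "1024 if the limit macro is undefined" is needed. The length check
 * is then done here, against the real size of 'out'.
 *
 * Returns 0 on success, -1 on failure with errno set.
 */
int resolve_path(const char *path, char *out, size_t outlen)
{
    char *resolved;
    size_t n;

    if (path == NULL || out == NULL || outlen == 0) {
        errno = EINVAL;
        return -1;
    }
    resolved = realpath(path, NULL);    /* heap-allocated by libc */
    if (resolved == NULL)
        return -1;                      /* errno set by realpath() */

    n = strlen(resolved);
    if (n >= outlen) {                  /* would not fit: refuse, do not truncate */
        free(resolved);
        errno = ENAMETOOLONG;
        return -1;
    }
    memcpy(out, resolved, n + 1);       /* includes the terminating NUL */
    free(resolved);
    return 0;
}

int main(int argc, char **argv)
{
    char buf[64];                       /* deliberately small caller buffer */
    if (resolve_path(argc > 1 ? argv[1] : "/", buf, sizeof buf) != 0) {
        perror("resolve_path");
        return 1;
    }
    puts(buf);
    return 0;
}
```
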