[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug #23029] autogsdoc buffer overflow in gnustep-base 1.14.2 and 1.

From: Gareth Armstrong
Subject: Re: [bug #23029] autogsdoc buffer overflow in gnustep-base 1.14.2 and 1.14.3 on Rhel 5
Date: Tue, 10 Jun 2008 15:03:25 +0200
User-agent: Thunderbird (X11/20080501)

Hello again Richard,

I confirm that the fix you implemented works on a Fedora 8 x86_64 platform. I will test it out on Rhel5 i386 and x86_64 as well. Will this fix make it into the 1.14.x series of gnustep-base? It would be very nice to have.

Many thanks again,


address@hidden ~/WORK/OCEK/gnustep
$ autogsdoc
2008-06-10 14:51:38.724 autogsdoc[19561] No .h, .m, .c, .gsdoc, or .html filename arguments found ... giving up

Richard Frith-Macdonald wrote:
Update of bug #23029 (project gnustep):

                  Status:               Need Info => Fixed
             Open/Closed:                    Open => In Test


Follow-up Comment #3:

This section:

#5 0x00000039388e90bb in __realpath_chk (buf=0x66c8 <Address 0x66c8 out
of bounds>,
resolved=0x66c8 <Address 0x66c8 out of bounds>, resolvedlen=6) at
#6 0x00002aaaaacd96af in -[NSString stringByResolvingSymlinksInPath]

Tells me that the problem is detected in the libc realpath() function.

Now, as far as I can see, the only way this can have a problem is if the
output buffer supplied to the function is not large enough to hold the
expanded path.
The code was defaulting to using 1024 if MAX_PATH was not defined, so I've
changed it to refrain from using realpath() in that situation.

Please could you update using the code from subversion, and see if this fixes
the problem and let me know (you can email direct to richard at
tiptree.demon.co.uk if you are still having problems with email filtering).

reply via email to

[Prev in Thread] Current Thread [Next in Thread]