[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #66052] [troff] possible 1-byte stack overwrite, heap overread
From: |
G. Branden Robinson |
Subject: |
[bug #66052] [troff] possible 1-byte stack overwrite, heap overread |
Date: |
Wed, 7 Aug 2024 03:59:50 -0400 (EDT) |
Follow-up Comment #3, bug #66052 (group groff):
Confirmed the second case too.
2024-08-07 G. Branden Robinson <g.branden.robinson@gmail.com>
[troff]: Fix Savannah #66052 (2/2).
* src/roff/troff/input.cpp (temp_iterator::temp_iterator):
Prevent potential heap overreads. Ensure that temporary
iterators are null-terminated when constructing them.
Fixes <https://savannah.gnu.org/bugs/?66052> (2/2). Thanks to
Lukas Javorsky for identifying the problem using "SAST analyzers
{combination of coverity, snyk, cppcheck, gcc, clang,
shellcheck, unicontrol}".
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?66052>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
- [bug #66052] Possible OVERRUN on two arrays in roff/troff, Lukas, 2024/08/01
- [bug #66052] [troff] possible 1-byte stack and heap overruns, G. Branden Robinson, 2024/08/01
- [bug #66052] [troff] possible 1-byte stack and heap overruns, G. Branden Robinson, 2024/08/07
- [bug #66052] [troff] possible 1-byte stack and heap overruns, G. Branden Robinson, 2024/08/07
- [bug #66052] [troff] possible 1-byte stack overwrite, heap overread, G. Branden Robinson, 2024/08/07
- [bug #66052] [troff] possible 1-byte stack overwrite, heap overread,
G. Branden Robinson <=
- [bug #66052] [troff] possible 1-byte stack overwrite, heap overread, G. Branden Robinson, 2024/08/08
- [bug #66052] [troff] possible 1-byte stack overwrite, heap overread, G. Branden Robinson, 2024/08/09
- [bug #66052] [troff] possible 1-byte stack overwrite, heap overread, Lukas Javorsky, 2024/08/21
- [bug #66052] [troff] possible 1-byte stack overwrite, heap overread, G. Branden Robinson, 2024/08/31