[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] quotearg: do not read beyond end of buffer
From: |
Paul Eggert |
Subject: |
Re: [PATCH] quotearg: do not read beyond end of buffer |
Date: |
Sun, 12 May 2013 23:34:47 -0700 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130404 Thunderbird/17.0.5 |
On 05/12/2013 10:14 PM, Jim Meyering wrote:
> I ran gcc's -fsanitize=address against coreutils, and two
> sort tests failed due to buffer overruns. Both arose via
> a bug in quotearg.c. Patch below. Two things remain to do:
> 1) find when the bug was introduced (before push)
> 2) address the module-factoring FIXME comment (after)
>
> Not sure I'll do #1, but I will get to #2.
Thanks for catching this bug!
For #1, it looks like it was commit c4b7f3f8557b27a729a0065bba401dc629357345:
http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=c4b7f3f8557b27a729a0065bba401dc629357345