[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] quotearg: do not read beyond end of buffer
From: |
Jim Meyering |
Subject: |
Re: [PATCH] quotearg: do not read beyond end of buffer |
Date: |
Tue, 14 May 2013 03:55:57 +0200 |
Jim Meyering wrote:
> Paul Eggert wrote:
>> On 05/12/2013 10:14 PM, Jim Meyering wrote:
>>> I ran gcc's -fsanitize=address against coreutils, and two
>>> sort tests failed due to buffer overruns. Both arose via
>>> a bug in quotearg.c. Patch below. Two things remain to do:
>>> 1) find when the bug was introduced (before push)
>>> 2) address the module-factoring FIXME comment (after)
>>>
>>> Not sure I'll do #1, but I will get to #2.
>>
>> Thanks for catching this bug!
>>
>> For #1, it looks like it was commit c4b7f3f8557b27a729a0065bba401dc629357345:
>>
>> http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=c4b7f3f8557b27a729a0065bba401dc629357345
I've adjusted the commit log to include that, and pushed.