[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Heap-buffer-overflow in valid_parameter_transform
From: |
Chet Ramey |
Subject: |
Re: Heap-buffer-overflow in valid_parameter_transform |
Date: |
Wed, 31 Aug 2022 15:37:01 -0400 |
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.2.0 |
On 8/31/22 3:34 PM, Ivan Kapranov wrote:
Are you sure?
The patch i have attached fixes a buffer overflow if the xform is a single
character string.
The xform is always a single-character string. xform[1] had better be the
'\0' that terminates it. If it's not, the xform is invalid. Nothing you've
sent me demonstrates a case where that function gets a null string as its
argument.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/