Hash: c8f0723d
Author:
Date: 2016-01-27T15:10:11

Fix heap buffer overflow in fgetwln()

In the function fgetwln() there's a 4 byte heap overflow.

There is a while loop that has this check to see whether there's still
enough space in the buffer:

    if (!fb->len || wused > fb->len) {

If this is true more memory gets allocated. However this test won't be
true if wused == fb->len, but at that point wused already points out
of the buffer. Some lines later there's a write to the buffer:

    fb->wbuf[wused++] = wc;

This bug was found with the help of address sanitizer.

Warned-by: ASAN
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=93881
Signed-off-by: Guillem Jover <guillem@hadrons.org>
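
The off-by-one described in the commit message above, modelled as an added example (not code from libbsd or from the patch itself). It counts the writes whose index falls outside the allocation without performing them. The struct, the function name, the small INIT_LEN and the `>=` comparison used for the corrected case are assumptions of this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>

#define INIT_LEN 4  /* constructed small value so growth happens quickly */

struct wbuf { wchar_t *buf; size_t len; };  /* len counts wchar_t slots */

/* Append n wide chars using either the check quoted in the commit message
 * (wused > len) or the assumed correction (wused >= len). Returns how many
 * writes had an index outside the allocation; those writes are counted
 * and skipped, never performed. Returns (size_t)-1 on allocation failure. */
static size_t append_chars(size_t n, int use_fixed_check)
{
    struct wbuf fb = { NULL, 0 };
    size_t wused = 0, oob = 0;

    for (size_t i = 0; i < n; i++) {
        int full = use_fixed_check ? (wused >= fb.len) : (wused > fb.len);
        if (!fb.len || full) {
            size_t newlen = fb.len ? fb.len * 2 : INIT_LEN;
            wchar_t *wp = realloc(fb.buf, newlen * sizeof(wchar_t));
            if (wp == NULL) { free(fb.buf); return (size_t)-1; }
            fb.buf = wp;
            fb.len = newlen;
        }
        if (wused >= fb.len) {  /* wused == len: one slot past the end */
            oob++;
            wused++;            /* mirror the post-increment of the real write */
            continue;
        }
        fb.buf[wused++] = L'a';
    }
    free(fb.buf);
    return oob;
}

int main(void)
{
    printf("wused >  len: %zu out-of-bounds writes\n", append_chars(16, 0));
    printf("wused >= len: %zu out-of-bounds writes\n", append_chars(16, 1));
    return 0;
}
```

Each counted write is one wchar_t past the end of the buffer, which matches the 4 byte overflow in the message on platforms where wchar_t is 4 bytes.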

libbsd - Utility functions from BSD systems

This library provides useful functions commonly found on BSD systems, and
lacking on others like GNU systems, thus making it easier to port projects
with strong BSD origins, without needing to embed the same code over and
over again on each project.

Releases
--------

    <http://libbsd.freedesktop.org/releases/>

Mailing List
------------

The subscription interface and web archives can be found at:

    <http://lists.freedesktop.org/mailman/listinfo/libbsd>

The mail address is:

    libbsd@lists.freedesktop.org

Source Repository
-----------------

    <http://cgit.freedesktop.org/libbsd>
    <git://anongit.freedesktop.org/git/libbsd>