[BusyBox 0004364]: od/dump.c - uninitialized read

bugs at busybox.net bugs at busybox.net
Mon Jul 28 05:44:28 UTC 2008


The following issue has been SUBMITTED. 
====================================================================== 
http://busybox.net/bugs/view.php?id=4364 
====================================================================== 
Reported By:                cristic
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   4364
Category:                   Documentation
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             07-27-2008 22:44 PDT
Last Modified:              07-27-2008 22:44 PDT
====================================================================== 
Summary:                    od/dump.c - uninitialized read
Description: 
echo A >A && od A
may read uninitialized memory. 
The problem is in function get() in dump.c:
- dump.c:385 -> the buffer dumper->get__savp is created by calling
xmalloc()
- dump.c:405 -> when this line is hit in the second iteration through
                the while(1) loop, the buffer dumper->get__curp contains
"A", 
                but the buffer dumper->get__savp is still uninitialized. 

                Thus the memcmp call on this line will read uninitialized
                data.

I think the fix is really easy: just replace xmalloc() with xzalloc() at
dump.c:385

--Cristian
====================================================================== 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
07-27-08 22:44  cristic        New Issue                                    
07-27-08 22:44  cristic        Status                   new => assigned     
07-27-08 22:44  cristic        Assigned To               => BusyBox         
======================================================================




More information about the busybox-cvs mailing list