[BusyBox 0004364]: od/dump.c - uninitialized read
bugs at busybox.net
bugs at busybox.net
Mon Jul 28 05:44:28 UTC 2008
The following issue has been SUBMITTED.
======================================================================
http://busybox.net/bugs/view.php?id=4364
======================================================================
Reported By: cristic
Assigned To: BusyBox
======================================================================
Project: BusyBox
Issue ID: 4364
Category: Documentation
Reproducibility: always
Severity: minor
Priority: normal
Status: assigned
======================================================================
Date Submitted: 07-27-2008 22:44 PDT
Last Modified: 07-27-2008 22:44 PDT
======================================================================
Summary: od/dump.c - uninitialized read
Description:
echo A >A && od A
may read uninitialized memory.
The problem is in function get() in dump.c:
- dump.c:385 -> the buffer dumper->get__savp is created by calling
xmalloc()
- dump.c:405 -> when this line is hit in the second iteration through
the while(1) loop, the buffer dumper->get__curp contains
"A",
but the buffer dumper->get__savp is still uninitialized.
Thus the memcmp call on this line will read uninitialized
data.
I think the fix is really easy: just replace xmalloc() with xzalloc() at
dump.c:385
--Cristian
======================================================================
Issue History
Date Modified Username Field Change
======================================================================
07-27-08 22:44 cristic New Issue
07-27-08 22:44 cristic Status new => assigned
07-27-08 22:44 cristic Assigned To => BusyBox
======================================================================
More information about the busybox-cvs
mailing list