[prev in list] [next in list] [prev in thread] [next in thread]
List: gpsd-dev
Subject: [Gpsd-dev] [PATCH] Fix insecure buffer handling in gpsd
From: esr () thyrsus ! com (Eric S ! Raymond)
Date: 2005-01-14 17:54:26
Message-ID: 20050114175426.GA12255 () thyrsus ! com
[Download RAW message or body]
Petter Reinholdtsen <pere@hungry.com>:
>
> I found this bug by accident, while reading the code.
>
> If the read() call on socket connected to a client is returning a
> negative number, memory outside 'buf' might be written to.
>
> For example, if read() return -1, "buf[-1] = '\0'" would be invoked.
> This would result in undefined behaviour.
>
> This patch fixes the problem, as well as moves the scope of buf and
> buflen into the block where it is used.
Applied.
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic