[prev in list] [next in list] [prev in thread] [next in thread]
List: ncurses-bug
Subject: Re: Bug: heap-buffer-overflow in captoinfo.c:321
From: Thomas Dickey <dickey () his ! com>
Date: 2020-05-25 21:13:24
Message-ID: 20200525211324.37ubgkdv7jpaoe22 () prl-debianold-64 ! jexium-island ! net
[Download RAW message or body]
On Tue, May 26, 2020 at 12:45:28AM +0800, puppet@zju.edu.cn wrote:
> Version: ncurses 6.2.20200212OS: Ubuntu 16.04 LTSPOC: \
> https://github.com/puppet-meteor/NLP_POC/blob/master/infotocap/POC_13_000511cmd: \
> ./infotocap POC ASAN \
> log:================================================================= \
> ==35739==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62100001c900 at \
> pc 0x000000438979 bp 0x7fffffffbc10 sp 0x7fffffffbc00 READ of size 1 at \
> 0x62100001c900 thread T0
This one's the easy one to reproduce. As you can see by the "READ",
it's not a "heap-buffer-overflow" but what someone referred to as
an over-read (read past the end of the buffer).
--
Thomas E. Dickey <dickey@invisible-island.net>
https://invisible-island.net
ftp://ftp.invisible-island.net
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic