[ nedit-Bugs-1640304 ] buffer overflow while parsing 'define'
SourceForge.net
noreply at sourceforge.net
Fri Mar 2 00:27:16 CET 2007
Bugs item #1640304, was opened at 2007-01-20 16:52
Message generated for change (Comment added) made by ajbj
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=111005&aid=1640304&group_id=11005
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Bert Wesarg (lebert)
Assigned to: Nobody/Anonymous (nobody)
Summary: buffer overflow while parsing 'define'
Initial Comment:
There is a buffer overflow when function names are longer than MAX_SYM_LEN (defined in interpret.h:36) in macro.c:readCheckMacroString() line 865.
Besides this, this function doesn't check whether the function name starts only with a letter, but I don't know whether this rule applies to function names.
----------------------------------------------------------------------
Comment By: Tony Balinski (ajbj)
Date: 2007-03-02 00:27
Message:
Logged In: YES
user_id=618141
Originator: NO
Can we close this? (I can't do it myself.)
----------------------------------------------------------------------
Comment By: Tony Balinski (ajbj)
Date: 2007-01-26 01:06
Message:
Logged In: YES
user_id=618141
Originator: NO
Checked in (added extra brace pair for clarity)
----------------------------------------------------------------------
Comment By: Tony Balinski (ajbj)
Date: 2007-01-26 00:19
Message:
Logged In: YES
user_id=618141
Originator: NO
I intend to check this in. It's definitely an improvement on the existing
code.
----------------------------------------------------------------------
Comment By: Bert Wesarg (lebert)
Date: 2007-01-22 22:04
Message:
Logged In: YES
user_id=122956
Originator: YES
patch attached, to prevent buffer overflow and return error message
File Added: fix-buffer-overflow-in-macro_c.patch
----------------------------------------------------------------------
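The class of fix this thread describes (refuse an over-long name with an error instead of copying it into a fixed-size buffer), as an added example. It is not the attached patch and not NEdit's code: `parse_define_name`, its error strings and the `MAX_SYM_LEN` value of 16 are assumptions made for the illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Placeholder value for this example; NEdit defines its own in interpret.h. */
#define MAX_SYM_LEN 16

/* Hypothetical helper, not NEdit's readCheckMacroString(): copy the
 * identifier that follows "define" into out[MAX_SYM_LEN].
 * Returns NULL on success with *end just past the name; on failure
 * returns a static error message with *end at the offending position. */
static const char *parse_define_name(const char *in, char out[MAX_SYM_LEN],
                                     const char **end)
{
    const char *p = in;
    size_t len = 0;

    if (strncmp(p, "define", 6) != 0 || !isspace((unsigned char)p[6])) {
        *end = p;
        return "expected 'define'";
    }
    p += 6;
    while (*p == ' ' || *p == '\t')
        p++;

    const char *name = p;
    while (isalnum((unsigned char)*p) || *p == '_') {
        /* Check before writing: len + 1 keeps room for the terminator. */
        if (len + 1 >= MAX_SYM_LEN) {
            *end = name;
            return "function name too long";
        }
        out[len++] = *p++;
    }
    if (len == 0) {
        *end = p;
        return "expected identifier";
    }
    out[len] = '\0';
    *end = p;
    return NULL;
}
```

The bound is tested before each store, so a name of exactly `MAX_SYM_LEN - 1` characters is accepted and anything longer is rejected without touching memory past `out`.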