0004364: od/dump.c - uninitialized read - BusyBox Bug and Patch Tracking

BusyBox Bug and Patch Tracking

Viewing Issue Simple Details [ Jump to Notes ]

[ View Advanced ] [ Issue History ] [ Print ]

Category

Severity

Reproducibility

Date Submitted

Last Update

0004364

[BusyBox] Documentation

minor

always

07-27-08 22:44

07-28-08 17:00

Reporter

cristic

View Status

public

Assigned To

BusyBox

Priority

normal

Resolution

fixed

Status

closed

Product Version

svn

Summary

0004364: od/dump.c - uninitialized read

Description

echo A >A && od A
may read uninitialized memory.
The problem is in function get() in dump.c:
- dump.c:385 -> the buffer dumper->get__savp is created by calling xmalloc()
- dump.c:405 -> when this line is hit in the second iteration through
                the while(1) loop, the buffer dumper->get__curp contains "A",
                but the buffer dumper->get__savp is still uninitialized.
                Thus the memcmp call on this line will read uninitialized
                data.

I think the fix is really easy: just replace xmalloc() with xzalloc() at dump.c:385

--Cristian

Additional Information

Attached Files

Relationships

Notes
(0010064) cristic 07-27-08 22:46	P.S. The bug is obviously not in "Documentation", but I don't seem to be able to edit that field now.

(0010134) vda 07-28-08 17:00	Fixed, thanks!

Issue History
Date Modified	Username	Field	Change
07-27-08 22:44	cristic	New Issue
07-27-08 22:44	cristic	Status	new => assigned
07-27-08 22:44	cristic	Assigned To	=> BusyBox
07-27-08 22:45	cristic	Issue Monitored: cristic
07-27-08 22:46	cristic	Note Added: 0010064
07-28-08 17:00	vda	Status	assigned => closed
07-28-08 17:00	vda	Note Added: 0010134
07-28-08 17:00	vda	Resolution	open => fixed