View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0008105 | Taler | exchange | public | 2024-01-18 14:38 | 2024-03-07 20:47 |
Reporter | fefe | Assigned To | Christian Grothoff | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | git (master) | ||||
Target Version | 0.9.4 | Fixed in Version | 0.9.4 | ||
Summary | 0008105: parse_json_auditor: integer truncation | ||||
Description | This is in exchange/src/lib/exchange_api_handle.c: 547 unsigned int off; 548 unsigned int pos; These should be size_t. 578 json_array_foreach (keys, off, key) { This converts into a loop up to json_array_size, which returns size_t, so off should be size_t. In each loop iteration we increment pos, so it should be size_t, too. After the loop, we assign pos to num_denom_keys, so that should be size_t too: 640 auditor->num_denom_keys = pos; which means in the loop this needs to be a size_t as well: 599 for (unsigned int j = 0; j<key_data->num_denom_keys; j++) | ||||
Tags | No tags attached. | ||||
|
Fixed in d7962e01..dbf84c51. Alas not by changing d7962e01..dbf84c51 but by checking that pos <= UINT_MAX before doing the assignment and failing if that check fails. |
Date Modified | Username | Field | Change |
---|---|---|---|
2024-01-18 14:38 | fefe | New Issue | |
2024-01-18 14:38 | fefe | Status | new => assigned |
2024-01-18 14:38 | fefe | Assigned To | => Christian Grothoff |
2024-01-18 22:24 | Christian Grothoff | Note Added: 0020908 | |
2024-01-18 22:24 | Christian Grothoff | Status | assigned => resolved |
2024-01-18 22:24 | Christian Grothoff | Resolution | open => fixed |
2024-01-18 22:24 | Christian Grothoff | Fixed in Version | => 0.9.4 |
2024-01-18 22:24 | Christian Grothoff | Product Version | => git (master) |
2024-01-18 22:24 | Christian Grothoff | Target Version | => 0.9.4 |
2024-01-18 23:31 | Christian Grothoff | Relationship added | child of 0008112 |
2024-03-07 20:47 | Christian Grothoff | Status | resolved => closed |