View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0006218 | Taler | exchange | public | 2020-04-23 15:15 | 2021-09-02 18:14 |
Reporter | fefe | Assigned To | Christian Grothoff | ||
Priority | normal | Severity | tweak | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Product Version | 0.7.0 | ||||
Target Version | 0.7.1 | Fixed in Version | 0.7.1 | ||
Summary | 0006218: integer overflow in buffer_write_urlencode | ||||
Description | In exchange/src/util/url.c: 83 static void 84 buffer_write_urlencode (struct GNUNET_Buffer *buf, 85 const char *s) 86 { 87 GNUNET_buffer_ensure_remaining (buf, 88 urlencode_len (s) + 1); If one assumes s could be an arbitrary string (probably not true in this context) the calculation in urlencode_len could overflow and adding the 1 here could overflow as well. | ||||
Tags | No tags attached. | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2020-04-23 15:15 | fefe | New Issue | |
2020-04-23 15:15 | fefe | Status | new => assigned |
2020-04-23 15:15 | fefe | Assigned To | => Christian Grothoff |
2020-04-23 15:31 | Christian Grothoff | Status | assigned => resolved |
2020-04-23 15:31 | Christian Grothoff | Resolution | open => fixed |
2020-04-23 15:31 | Christian Grothoff | Fixed in Version | => 0.7.1 |
2020-04-23 15:31 | Christian Grothoff | Note Added: 0015764 | |
2020-04-23 15:31 | Christian Grothoff | Target Version | => 0.7.1 |
2020-04-23 15:33 | Christian Grothoff | Severity | major => tweak |
2021-08-24 16:23 | Christian Grothoff | Status | resolved => closed |
2021-09-02 18:13 | Christian Grothoff | Changeset attached | => Taler-exchange master 8b99abbe |
2021-09-02 18:14 | Christian Grothoff | Note Added: 0018254 |