0008048: _make_continuous_arg_copy: missing integer overflow check

ID	Project	Category	View Status	Date Submitted	Last Update

0008048	GNUnet	util library	public	2024-01-09 17:52	2024-03-07 20:26

Reporter	fefe	Assigned To	Christian Grothoff
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Fixed in Version	0.21.0

Summary	0008048: _make_continuous_arg_copy: missing integer overflow check
Description	This is in gnunet/src/lib/util/strings.c: 1200 static char const 1201 _make_continuous_arg_copy (int argc, char const argv) 1202 { 1203 size_t argvsize = 0; 1204 char *new_argv; 1205 char p; 1206 1207 for (int i = 0; i < argc; i++) 1208 argvsize += strlen (argv[i]) + 1 + sizeof(char *); If multiple pointers in argv point to the same long string, this can overflow and cause memory corruption later.
Tags	No tags attached.

Date Modified	Username	Field	Change
2024-01-09 17:52	fefe	New Issue
2024-01-09 19:35	Christian Grothoff	Changeset attached	=> gnunet master ca54e493
2024-01-09 19:35	Christian Grothoff	Note Added: 0020851
2024-01-09 19:35	Christian Grothoff	Assigned To	=> Christian Grothoff
2024-01-09 19:35	Christian Grothoff	Status	new => resolved
2024-01-09 19:35	Christian Grothoff	Resolution	open => fixed
2024-01-09 20:10	Christian Grothoff	Project	Taler => GNUnet
2024-01-09 20:10	Christian Grothoff	Category	other => util library
2024-03-07 20:26	schanzen	Fixed in Version	=> 0.21.0
2024-03-07 20:26	schanzen	Note Added: 0021798
2024-03-07 20:26	schanzen	Status	resolved => closed

Christian Grothoff 2024-01-09 19:35 manager ~0020851	Fix committed to master branch.

schanzen 2024-03-07 20:26 administrator ~0021798	0.21 released

gnunet: master ca54e493 2024-01-09 20:35 Christian Grothoff Details Diff	fix 0008048		Affected Issues 0008048
	mod - src/lib/util/strings.c		Diff File