View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009302 | GNUnet | util library | public | 2024-10-28 13:54 | 2024-10-29 20:56 |
Reporter | fefe | Assigned To | schanzen | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Target Version | 0.22.2 | Fixed in Version | 0.22.2 | ||
Summary | 0009302: GNUNET_CRYPTO_hash_file: buffer overflow | ||||
Description | 168 struct GNUNET_CRYPTO_FileHashContext * 169 GNUNET_CRYPTO_hash_file (enum GNUNET_SCHEDULER_Priority priority, 170 const char *filename, 171 size_t blocksize, 172 GNUNET_CRYPTO_HashCompletedCallback callback, 173 void *callback_cls) 174 { 175 struct GNUNET_CRYPTO_FileHashContext *fhc; 176 177 GNUNET_assert (blocksize > 0); 178 fhc = 179 GNUNET_malloc (sizeof(struct GNUNET_CRYPTO_FileHashContext) + blocksize); This needs an overflow check. blocksize comes in as function argument and the caller might have been tricked. | ||||
Tags | No tags attached. | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2024-10-28 13:54 | fefe | New Issue | |
2024-10-29 13:00 | schanzen | Changeset attached | => gnunet master 663478b6 |
2024-10-29 13:00 | schanzen | Note Added: 0023612 | |
2024-10-29 13:00 | schanzen | Assigned To | => schanzen |
2024-10-29 13:00 | schanzen | Status | new => resolved |
2024-10-29 13:00 | schanzen | Resolution | open => fixed |
2024-10-29 13:00 | schanzen | Fixed in Version | => 0.22.2 |
2024-10-29 13:00 | schanzen | Target Version | => 0.22.2 |
2024-10-29 20:56 | schanzen | Note Added: 0023625 | |
2024-10-29 20:56 | schanzen | Status | resolved => closed |