View Issue Details

IDProjectCategoryView StatusLast Update
0009322GNUnetutil librarypublic2024-11-05 09:15
Reporterfefe Assigned Toschanzen  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Target Version0.22.3 
Summary0009322: GNUNET_DNSPARSER_builder_add_name: integer overflow
Description  1011 start = *off;
  1012 if (start + strlen (idna_name) + 2 > dst_len)
  1013 goto fail;

off is a function argument, a size_t*. The caller could have been tricked and call the function with -1 in there, in which case this check would fail to detect the problem and cause memory corruption later.
TagsNo tags attached.

Activities

schanzen

2024-11-05 09:15

administrator   ~0023662

Fix committed to master branch.

Related Changesets

gnunet: master 09fb2e45

2024-11-05 10:15

schanzen


Details Diff
util: Handle possible integer overflow in name handling. Fixes 0009322 Affected Issues
0009322
mod - src/lib/util/dnsparser.c Diff File

Issue History

Date Modified Username Field Change
2024-11-04 16:57 fefe New Issue
2024-11-04 19:26 schanzen Target Version => 0.22.3
2024-11-05 09:15 schanzen Changeset attached => gnunet master 09fb2e45
2024-11-05 09:15 schanzen Note Added: 0023662
2024-11-05 09:15 schanzen Assigned To => schanzen
2024-11-05 09:15 schanzen Status new => resolved
2024-11-05 09:15 schanzen Resolution open => fixed