View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009322 | GNUnet | util library | public | 2024-11-04 16:57 | 2024-11-05 09:15 |
Reporter | fefe | Assigned To | schanzen | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | resolved | Resolution | fixed | ||
Target Version | 0.22.3 | ||||
Summary | 0009322: GNUNET_DNSPARSER_builder_add_name: integer overflow | ||||
Description | 1011 start = *off; 1012 if (start + strlen (idna_name) + 2 > dst_len) 1013 goto fail; off is a function argument, a size_t*. The caller could have been tricked and call the function with -1 in there, in which case this check would fail to detect the problem and cause memory corruption later. | ||||
Tags | No tags attached. | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2024-11-04 16:57 | fefe | New Issue | |
2024-11-04 19:26 | schanzen | Target Version | => 0.22.3 |
2024-11-05 09:15 | schanzen | Changeset attached | => gnunet master 09fb2e45 |
2024-11-05 09:15 | schanzen | Note Added: 0023662 | |
2024-11-05 09:15 | schanzen | Assigned To | => schanzen |
2024-11-05 09:15 | schanzen | Status | new => resolved |
2024-11-05 09:15 | schanzen | Resolution | open => fixed |