View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0009326 | GNUnet | util library | public | 2024-11-04 17:08 | 2024-11-14 09:43 |
| Reporter | fefe | Assigned To | schanzen | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | resolved | Resolution | fixed | ||
| Target Version | 0.23.0 | ||||
| Summary | 0009326: GNUNET_DNSPARSER_builder_add_srv: integer overflow | ||||
| Description | 1223 if (*off + sizeof(struct GNUNET_TUN_DnsSrvRecord) > dst_len) 1224 return GNUNET_NO; off is a size_t* and an argument to the function. The caller could have been tricked to pass in garbage here. We shouldn't assume adding sizeof(...) does not overflow. | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-11-04 17:08 | fefe | New Issue | |
| 2024-11-04 19:26 | schanzen | Target Version | => 0.22.3 |
| 2024-11-05 09:16 | schanzen | Note Added: 0023663 | |
| 2024-11-05 09:16 | schanzen | Status | new => resolved |
| 2024-11-05 09:16 | schanzen | Resolution | open => fixed |
| 2024-11-05 09:16 | schanzen | Assigned To | => schanzen |
| 2024-11-14 09:43 | schanzen | Target Version | 0.22.3 => 0.23.0 |
