[bug] Parameter parsing in gst-tool.c can cause out of bounds reads

Hanno Böck
Issue status update for
http://smalltalk.gnu.org/node/1006
Post a follow up:
http://smalltalk.gnu.org/project/comments/add/1006

 Project:      GNU Smalltalk
 Version:      <none>
 Component:    Build
 Category:     bug reports
 Priority:     normal
 Assigned to:  Unassigned
 Reported by:  hanno
 Updated by:   hanno
 Status:       active

In gst-tool.c there is a loop that compares a given long option with the
available long options. It uses a memcmp call for that with the length
of the given option.
This will cause out of bounds heap reads (that can be detected with
address sanitizer), because many of the available options will be
shorter than a given option.

Changing memcmp to strncmp corrects this bug and will avoid reading the
option strings beyond a terminating zero. See attached patch. This patch
is against the latest test version 3.2.91.



_______________________________________________
help-smalltalk mailing list
[hidden email]
https://lists.gnu.org/mailman/listinfo/help-smalltalk
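
An added illustration of the bug class in the report above; it is not part of the original message or its attached patch, and it is not code from gst-tool.c. The option table and all function names are constructed for the example. It computes how far a memcmp-based loop is allowed to read past each shorter table entry, and shows the strncmp form of the lookup.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed option table for illustration; not the list from gst-tool.c. */
static const char *const long_opts[] = {
    "help", "version", "verbose", "kernel-directory"
};
#define N_OPTS (sizeof long_opts / sizeof long_opts[0])

/* Bytes memcmp(given, name, len) may read past name's storage
   (strlen + 1 bytes, terminator included). memcmp is not required to
   stop at a zero byte, which is why AddressSanitizer flags the call. */
size_t memcmp_overread(const char *name, size_t len)
{
    size_t storage = strlen(name) + 1;
    return len > storage ? len - storage : 0;
}

/* strncmp-based lookup: comparison ends at the first terminating zero,
   so a short table entry is never read past its end.
   Returns the index of the first entry matching len bytes, or -1. */
int find_long_opt(const char *given, size_t len)
{
    for (size_t i = 0; i < N_OPTS; i++)
        if (strncmp(given, long_opts[i], len) == 0)
            return (int)i;
    return -1;
}

/* Total out-of-bounds bytes a memcmp loop could touch for this argument,
   scanning the table up to and including the first match. */
size_t table_overread(const char *given)
{
    size_t total = 0, len = strlen(given);
    for (size_t i = 0; i < N_OPTS; i++) {
        total += memcmp_overread(long_opts[i], len);
        if (strncmp(given, long_opts[i], len) == 0)
            break;
    }
    return total;
}

int main(void)
{
    const char *given = "kernel-directory";
    printf("%s -> index %d, possible memcmp over-read: %zu bytes\n",
           given, find_long_opt(given, strlen(given)), table_overread(given));
    return 0;
}
```

Building the original memcmp form with `-fsanitize=address` and passing a long option name is how the over-read shows up in practice, as the report notes.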