Buffer overflow fix for my patch


I discovered there's a potential buffer overflow in my hwsetup dynblacklist patch because the blacklist file can have more than 200 module names.

Here's a mini patch to add some primitive bounds checking to fix it. I also decreased the module name size from 1024 chars to 200, which is more than enough, to save memory.
The patch is still pending the maintainer's response.

http://bugs.gentoo.org/show_bug.cgi?id=115669

Attachment: hwsetup-1.1-dyn_blacklist_bounds_check.patch.txt (742 bytes)
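
The patch text itself is not reproduced on this page. The C sketch below is an added illustration, not pharon's patch and not hwsetup code, of the two bounds the post mentions: a table capped at 200 entries and a 200-byte name buffer. The name `load_blacklist`, the one-name-per-line file format and the constructed input in `main` are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define MAX_MODULES 200   /* table size: the 200-name limit from the post */
#define MAX_NAME    200   /* per-name buffer: the reduced size from the post */

static char blacklist[MAX_MODULES][MAX_NAME];

/* Hypothetical loader, assuming one module name per line. Returns the number
 * of names stored; *dropped counts lines rejected because the table was full
 * or the name did not fit in MAX_NAME bytes including the terminator. */
int load_blacklist(FILE *fp, int *dropped)
{
    char line[MAX_NAME + 1];  /* one byte larger, so an oversized name is detectable */
    int count = 0, c;
    *dropped = 0;
    while (fgets(line, sizeof line, fp)) {
        size_t len = strcspn(line, "\r\n");
        if (len == 0)
            continue;                         /* blank line */
        if (len >= MAX_NAME)                  /* full buffer, no line ending seen */
            while ((c = fgetc(fp)) != EOF && c != '\n')
                ;                             /* discard the rest of the long line */
        if (len >= MAX_NAME || count >= MAX_MODULES) {
            (*dropped)++;                     /* reject rather than write out of bounds */
            continue;
        }
        memcpy(blacklist[count], line, len);
        blacklist[count][len] = '\0';
        count++;
    }
    return count;
}

int main(void)
{
    FILE *fp = tmpfile();   /* constructed input: 250 short names, one 300-char name */
    int i, dropped, stored;
    if (!fp)
        return 1;
    for (i = 0; i < 250; i++)
        fprintf(fp, "module_%d\n", i);
    fprintf(fp, "%0300d\n", 0);
    rewind(fp);
    stored = load_blacklist(fp, &dropped);
    printf("stored=%d dropped=%d\n", stored, dropped);
    fclose(fp);
    return 0;
}
```

Counting rejected lines lets the caller log that the blacklist was truncated instead of silently ignoring entries past the limit.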
