macEnvExpand can segfault with very long variable values

Bug #1035083 reported by Andrew Johnson
Affects: EPICS Base
Status: Won't Fix
Importance: Low
Assigned to: Andrew Johnson

Bug Description

The macEnvExpand() code is apparently not robust against environment variables containing large strings. Krzysztof Lazarski at APS sector 19 triggers this occasionally.

Tags: libcom
Andrew Johnson (anj) wrote :

There doesn't seem to be a problem with handling large environment variables in iocsh on Linux. Need more information to track this any further.

Changed in epics-base:
status: New → Incomplete
importance: High → Low
Andrew Johnson (anj) wrote :

This issue may have been partly resolved by commit 12434 to the 3.14 tree. dbLoadTemplate() limited the number of macros that could be set by a substitution file, and had a fixed length string buffer to store them all in, with no overflow checks on either limit. The above commit allows the user to set dbTemplateMaxVars to increase the max number of variables (the buffer size is 50 times that) and checks for using too many variables, but it doesn't prevent a buffer overflow.

Changed in epics-base:
assignee: nobody → Andrew Johnson (anj)
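
The gap described in the comment above, as an added example that is not EPICS code or part of the original report: a limit on the number of variables does not bound the bytes written into a shared buffer, so each append has to check both. The store layout and the names var_store, store_init, store_add and fill are hypothetical; only the 50-bytes-per-variable ratio comes from the comment.

```c
#include <stdlib.h>
#include <string.h>

#define BYTES_PER_VAR 50  /* buffer-to-count ratio given in the comment above */
enum { STORE_OK = 0, STORE_TOO_MANY = -1, STORE_NO_SPACE = -2 };

/* Hypothetical store: one shared buffer of "name\0value\0" pairs. */
struct var_store {
    char *buf;
    size_t cap, used;        /* bytes */
    size_t max_vars, nvars;  /* entries */
};

int store_init(struct var_store *s, size_t max_vars)
{
    if (max_vars == 0 || max_vars > (size_t)-1 / BYTES_PER_VAR) return -1;
    memset(s, 0, sizeof *s);
    s->max_vars = max_vars;
    s->cap = max_vars * BYTES_PER_VAR;   /* cannot wrap after the check above */
    s->buf = malloc(s->cap);
    return s->buf ? 0 : -1;
}

int store_add(struct var_store *s, const char *name, const char *value)
{
    size_t nlen = strlen(name) + 1, vlen = strlen(value) + 1;
    size_t room = s->cap - s->used;      /* used <= cap is an invariant */
    /* Count check: on its own it says nothing about bytes written. */
    if (s->nvars >= s->max_vars) return STORE_TOO_MANY;
    /* Byte check: compare by subtraction so the lengths cannot wrap. */
    if (nlen > room || vlen > room - nlen) return STORE_NO_SPACE;
    memcpy(s->buf + s->used, name, nlen);
    memcpy(s->buf + s->used + nlen, value, vlen);
    s->used += nlen + vlen;
    s->nvars++;
    return STORE_OK;
}

/* Constructed input: add `count` variables named "V", each with a value of
 * `len` 'x' bytes; returns the first non-OK result, or STORE_OK if all fit. */
int fill(size_t max_vars, size_t count, size_t len)
{
    struct var_store s;
    int rc = STORE_OK;
    char *val = malloc(len + 1);
    if (!val || store_init(&s, max_vars) != 0) { free(val); return -3; }
    memset(val, 'x', len);
    val[len] = '\0';
    for (size_t i = 0; i < count && rc == STORE_OK; i++)
        rc = store_add(&s, "V", val);
    free(s.buf); free(val);
    return rc;
}
```

With a limit of 4 variables (200 bytes), two 150-byte values pass the count check but are rejected by the byte check, which is the case a count-only check would let through.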
Andrew Johnson (anj) wrote :

No recent reports of problems, closing.

Changed in epics-base:
status: Incomplete → Won't Fix