Comment 3 for bug 301624
Revision history for this message
| Kees Cook (kees) wrote Re: [Bug 301624] Re: icmake disables FORTIFY | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
hdr.version is defined as: char version[4]. "version" is extern, so the
length is unknown at compile time. At runtime, however, the problem
happens, as "version" is ultimately defined as "7.11.1" via rss/version.c
and /VERSION. This is a real overflow. I recommend the following patch to
for the moment until upstream has a better suggestion:
strncpy(
this will leave the hdr.version unterminated, but based on other code that
tries to read it, this field appears to be evaluated not as a string, so
it's likely to be okay. If not, use:
strncpy(
hdr.version[