multiple stack overflows
Bug #164150 reported by Kees Cook
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
o3read (Ubuntu) | Invalid | Undecided | Unassigned |
tracker (Ubuntu) | Fix Released | High | Unassigned |
Bug Description
Binary package hint: tracker
At least two stack overflows are present. While not an issue in Ubuntu (due to stack protections), these could cause crashes, and generally need to be fixed:
src/
line 203: unbounded copy across stack? might destroy q... (but it isn't used for later overwrites)
src/
line 145: bug; 1 byte NULL-overwrite (uri_hash is 20 chars long, needs 21)
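The sizing rule behind the second item (a 20-character string needs a 21-byte buffer) and a length-checked copy of the kind that addresses the first, as an added C example that is not part of the original report or of tracker's code. `bounded_copy`, the sample hash value and the two `try_*` functions are hypothetical names and constructed data.

```c
#include <stdio.h>
#include <string.h>

#define HASH_CHARS 20               /* visible characters, per the report */
#define HASH_BUF   (HASH_CHARS + 1) /* plus the terminating NUL: 21 bytes */

/* Hypothetical helper: copy src into dst only if it fits with its NUL.
 * Returns 0 on success, -1 if dst is too small (dst is left as ""). */
static int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    size_t len;

    if (dst == NULL || dst_size == 0 || src == NULL)
        return -1;
    len = strlen(src);
    if (len >= dst_size) {      /* no room for the NUL: refuse */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);  /* len + 1 copies the NUL as well */
    return 0;
}

/* Constructed sample: a 20-character hash string. */
static const char SAMPLE_HASH[] = "0123456789abcdef0123";

/* 20-byte buffer, the sizing the report flags: the helper rejects it
 * instead of writing the NUL one byte past the end. */
static int try_undersized(void)
{
    char uri_hash[HASH_CHARS];
    return bounded_copy(uri_hash, sizeof uri_hash, SAMPLE_HASH);
}

/* 21-byte buffer: returns the stored string length, or -1 on failure. */
static int try_correct(void)
{
    char uri_hash[HASH_BUF];
    if (bounded_copy(uri_hash, sizeof uri_hash, SAMPLE_HASH) != 0)
        return -1;
    return (int)strlen(uri_hash);
}

int main(void)
{
    printf("20-byte buffer: %d\n", try_undersized());
    printf("21-byte buffer: %d\n", try_correct());
    return 0;
}
```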
Changed in tracker: importance: Undecided → High
Changed in o3read (Ubuntu): status: New → Incomplete
Changed in o3read (Ubuntu): status: Incomplete → Confirmed
Inlined O3read has been removed from tracker - it now uses the system one which is in main repo.
I will investigate the tracker-thumbnailer.c one though.