jobserver_fds->list buffer overflow

bug-make

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

jobserver_fds->list buffer overflow

From:	Ken Takusagawa
Subject:	jobserver_fds->list buffer overflow
Date:	Mon, 8 Jan 2007 22:26:11 -0500

In main.c we have

     jobserver_fds->list[0] = xmalloc ((sizeof ("1024")*2)+1);

     sprintf (jobserver_fds->list[0], "%d,%d", job_fds[0], job_fds[1]);

Shouldn't xmalloc get a "+2" instead of "+1"?  1 for the comma, and
one for the null terminator?

--ken

[Prev in Thread]

Current Thread

[Next in Thread]

jobserver_fds->list buffer overflow, Ken Takusagawa <=
- Re: jobserver_fds->list buffer overflow, Paul Smith, 2007/01/08

Prev by Date: [bug #18617] Better debugging facilities: tracing rule invocation.
Next by Date: Re: jobserver_fds->list buffer overflow
Previous by thread: [bug #18617] Better debugging facilities: tracing rule invocation.
Next by thread: Re: jobserver_fds->list buffer overflow
Index(es):
- Date
- Thread