[bug #45050] Invalid read / heap overflow in unescape_char()
From: chen
Subject: [bug #45050] Invalid read / heap overflow in unescape_char()
Date: Mon, 11 May 2015 01:30:51 +0000
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:37.0) Gecko/20100101 Firefox/37.0
Follow-up Comment #1, bug #45050 (project make):
After some checking, I believe that the problem is in the code:
char * unescape_char(char *string, int c) {
.....
/* here, s can point to 0, however, after ++, the s might skip the 0 and
continue reading "wild memory" */
*(p++) = *(s++);
.....
}
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?45050>
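
Added example, not part of the original message and not GNU make's code: a reduced backslash-unescape loop showing how copying the byte after a backslash without a terminator check carries the scan past the NUL, next to a checked variant. The function names, the sample buffer and the choice to keep a trailing backslash literally are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed input: the string "ab\" ends at index 3; the bytes after the
   terminator stand in for whatever happens to follow it in memory. */
static const char sample[] = "ab\\\0SECRET";

/* Pattern from the comment above: the byte after a backslash is copied
   without checking for the terminator. Returns the source bytes walked. */
static size_t unescape_unchecked(const char *src, char *dst)
{
    const char *s = src;
    char *p = dst;
    while (*s != '\0') {
        if (*s == '\\')
            ++s;                /* skip the backslash */
        *(p++) = *(s++);        /* if *s was the NUL, s is now past it */
    }
    *p = '\0';
    return (size_t)(s - src);
}

/* Hypothetical fix: drop a backslash only when a byte follows it, so a
   trailing backslash is kept literally and the scan stops at the NUL. */
static size_t unescape_checked(const char *src, char *dst)
{
    const char *s = src;
    char *p = dst;
    while (*s != '\0') {
        if (*s == '\\' && s[1] != '\0')
            ++s;
        *(p++) = *(s++);
    }
    *p = '\0';
    return (size_t)(s - src);
}

int main(void)
{
    char out[sizeof sample + 1];
    printf("strlen(sample)   : %zu\n", strlen(sample));
    printf("unchecked walked : %zu\n", unescape_unchecked(sample, out));
    printf("checked walked   : %zu\n", unescape_checked(sample, out));
    return 0;
}
```

The sample keeps the over-read inside one array so the run is well defined; with a heap string nothing bounds what follows the terminator, which is the invalid read the bug title describes.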