[axel-devel] [axel-Bugs][311569] Possible buffer overflow in main.
axel-bugs at alioth.debian.org
axel-bugs at alioth.debian.org
Wed Apr 1 22:56:44 UTC 2009
Bugs item #311569, was opened at 2009-03-30 18:42
Status: Open
>Priority: 5
Submitted By: Nobody (None)
Assigned to: Philipp Hagemeister (phihag-guest)
Summary: Possible buffer overflow in main.
Initial Comment:
Hello.
Sloppy strncpy/strncat usage present. A buffer overflow is triggered if the length of the constructed output file path grows over 1024 characters:
text.c: In function 'main':
text.c:167: warning: ignoring return value of 'scanf', declared with attribute
warn_unused_result
In function 'strncat',
inlined from 'main' at text.c:255:
/usr/include/bits/string3.h:153: warning: call to __builtin___strncat_chk might overflow destination buffer.
I try push axel in Fedora contribution, but this error marked us stop bug - https://bugzilla.redhat.com/show_bug.cgi?id=454980#c14
----------------------------------------------------------------------
Comment By: Philipp Hagemeister (phihag-guest)
Date: 2009-04-01 22:49
Message:
Fixed in rev97. I'm closing this bug as soon as we release a new version (probably in the next hours or days)
----------------------------------------------------------------------
You can respond by visiting:
http://alioth.debian.org/tracker/?func=detail&atid=413085&aid=311569&group_id=100070
More information about the axel-devel
mailing list