1. Takehiko NOZAKI Avatar Takehiko NOZAKI
  2. idiot
  3. NetBSD
  4. Issues

newsyslog(1) read invalid memory from fgetln(3)

Issue #111 resolved
Takehiko NOZAKI repo owner created an issue

see following code:

       line = fgetln(fd, &linelen);
       if ((line = fgetln(fd, &linelen)) != NULL
         && line[10] == 'T')
               log->flags |= CE_SYSLPROTOCOL;

if 2nd line's length shorter than 10, line[10] == 'T' comparison causes overrun.

Comments (1)

  2. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Votes
0
Watchers
1