- changed status to resolved
newsyslog(1) read invalid memory from fgetln(3)
Issue #111
resolved
see following code:
line = fgetln(fd, &linelen);
if ((line = fgetln(fd, &linelen)) != NULL
&& line[10] == 'T')
log->flags |= CE_SYSLPROTOCOL;
if 2nd line's length shorter than 10, line[10] == 'T' comparison causes overrun.
Comments (1)
-
reporter - Log in to comment
BUGFIX: Issue
#111- newsyslog(1) read invalid memory from fgetln(3). CLEANUP: replace fgetln(3) with getline(3) for portability.→ <<cset c0da8290022c>>