[Bug 189296] cscope buffer overflow (includes patch)
bugzilla at redhat.com
bugzilla at redhat.com
Fri Apr 4 13:50:40 UTC 2008
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: cscope buffer overflow (includes patch)
https://bugzilla.redhat.com/show_bug.cgi?id=189296
nhorman at redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status Whiteboard| bzcl34nup |bzcl34nup
Flag| |needinfo?(rwahl at gmx.de)
------- Additional Comments From nhorman at redhat.com 2008-04-04 09:50 EST -------
hold on a sec, something just occured to me. We use fgets in the surrounding
while loop in this code. fgets takes a size parameter, and only reads size-1
bytes to the target buffer. This implies that the strcpy you are fixing should
never overflow. We shouldn't need to fix this in the way we're discussing. As
such I don't feel compfortable incorporating this change. I know you can't
release your repository, but is it possible for you to fabricate a repository
that can reproduce this error, so that I can look at it more closely?
Thanks!
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the fedora-triage-list
mailing list