[RTEMS Project] #2558: Heap corruption in UNIX domain socket connect (libbsd)
RTEMS trac
trac at rtems.org
Tue Feb 2 06:40:03 UTC 2016
#2558: Heap corruption in UNIX domain socket connect (libbsd)
-----------------------------+-----------------------------
Reporter: sebastian.huber | Owner: sebastian.huber
Type: defect | Status: new
Priority: normal | Milestone: 4.11
Component: networking | Version: 4.11
Severity: normal | Keywords:
-----------------------------+-----------------------------
In
{{{
static int
unp_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
...
#else /* __rtems__ */
soun->sun_path[len] = '\0';
eval_flags = RTEMS_FS_FOLLOW_LINK;
...
}
}}}
we write past the allocated buffer.
--
Ticket URL: <http://devel.rtems.org/ticket/2558>
RTEMS Project <http://www.rtems.org/>
RTEMS Project
More information about the bugs
mailing list