[BusyBox 0004364]: od/dump.c - uninitialized read

bugs at busybox.net bugs at busybox.net
Sun Jul 27 22:46:58 PDT 2008 

A NOTE has been added to this issue. 
====================================================================== 
http://busybox.net/bugs/view.php?id=4364 
====================================================================== 
Reported By:                cristic
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   4364
Category:                   Documentation
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             07-27-2008 22:44 PDT
Last Modified:              07-27-2008 22:46 PDT
====================================================================== 
Summary:                    od/dump.c - uninitialized read
Description: 
echo A >A && od A
may read uninitialized memory. 
The problem is in function get() in dump.c:
- dump.c:385 -> the buffer dumper->get__savp is created by calling
xmalloc()
- dump.c:405 -> when this line is hit in the second iteration through
                the while(1) loop, the buffer dumper->get__curp contains
"A", 
                but the buffer dumper->get__savp is still uninitialized. 

                Thus the memcmp call on this line will read uninitialized
                data.

I think the fix is really easy: just replace xmalloc() with xzalloc() at
dump.c:385

--Cristian
====================================================================== 

---------------------------------------------------------------------- 
 cristic - 07-27-08 22:46  
---------------------------------------------------------------------- 
P.S. The bug is obviously not in "Documentation", but I don't seem to be
able to edit that field now. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
07-27-08 22:44  cristic        New Issue                                    
07-27-08 22:44  cristic        Status                   new => assigned     
07-27-08 22:44  cristic        Assigned To               => BusyBox         
07-27-08 22:45  cristic        Issue Monitored: cristic                     
07-27-08 22:46  cristic        Note Added: 0010064                          
======================================================================

More information about the busybox-cvs mailing list