Opened 10 years ago

Closed 8 years ago

#203 closed defect (fixed)

Unsafe strcat on overlapping strings in owl_zephyr_smartstripped_user

Reported by: andersk@mit.edu Owned by: andersk@mit.edu
Priority: major Milestone:
Component: internals Keywords: straightforward
Cc:

Description

From owl_zephyr_smartstripped_user:

  realm = strchr(out, '@');
…
  if (realm) realm[0]='\0';
…
    strcat(out, realm+1);

This strcat call might read from the same place it’s writing to, which is invalid and could break if strcat is optimized in certain ways.

Change History (3)

comment:1 Changed 9 years ago by jgross@mit.edu

  • Keywords straightforward added

I think this should be easily fixable by appropriate use of g_strdup and/or g_strdup_printf.

comment:2 Changed 8 years ago by andersk@mit.edu

  • Owner set to andersk@mit.edu
  • Status changed from new to assigned

comment:3 Changed 8 years ago by andersk@mit.edu

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.