author | Martin Michlmayr <tbm@cyrius.com> | 2019-01-26 13:02:25 -0300 |
---|---|---|
committer | Martin Michlmayr <tbm@cyrius.com> | 2019-01-26 13:02:25 -0300 |
commit | c5343f18744d0f6fddcc590f9a54c23674d8c489 (patch) | |
tree | 76859e45130512271354c9558cfd1bb071a6e702 /test | |
parent | 7c0ae5b02571e21f97d45f5d091cb78af9885713 (diff) | |
Fix possible stack overflow in option parsing routine

It is possible to create a stack overflow by giving an option that is
longer than the buffer that is used during option parsing because the
length of the input string is not checked.

Prevent the issue by always checking the input string length and
discarding options that do not fit in the buffer as invalid.

This issue has been assigned CVE-2017-12481.

Thanks to Gwan Yeong Kim for reporting this issue.

Fixes #1222
Diffstat (limited to 'test')
-rw-r--r-- | test/regress/1222.test | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/test/regress/1222.test b/test/regress/1222.test new file mode 100644 index 00000000..535a0e32 --- /dev/null +++ b/test/regress/1222.test @@ -0,0 +1,7 @@ +--fooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo + +test reg -> 1 +__ERROR__ +While parsing file "$FILE", line 1: +Error: Illegal option --fooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo +end test |
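Review bot: test/regress/1222.test exercises only one length, an option far past the limit on line 1 of the journal file, so an off-by-one in the new length check would still pass this test. Add boundary cases: an option name that exactly fills the parsing buffer and one a single character longer, each in its own `test reg` block with the expected result spelled out. The expected output is tied to `While parsing file "$FILE", line 1:`, so only the journal-file path is covered; if the same routine also parses command-line arguments, a second case that passes the overlong option on the command line would cover that entry point as well.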