From: Denis Kenzior <denkenz@gmail.com>
To: ofono@ofono.org
Subject: Re: [PATCH 1/1] src: out of bounds problem in smsutil
Date: Wed, 16 Feb 2011 09:25:16 -0600 [thread overview]
Message-ID: <4D5BEC5C.3000207@gmail.com> (raw)
In-Reply-To: <1297857898-21582-1-git-send-email-jessica.j.nilsson@stericsson.com>
[-- Attachment #1: Type: text/plain, Size: 1084 bytes --]
Hi Jessica,
On 02/16/2011 06:04 AM, Jessica Nilsson wrote:
> ---
>
> This one was exposed when wgmodem2.5 CBS was run with valgrind.
>
> Best Regards,
> Jessica Nilsson
>
Can you post the actual error and the data this happened on?
> src/smsutil.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/src/smsutil.c b/src/smsutil.c
> index 5524932..b3a1ba1 100644
> --- a/src/smsutil.c
> +++ b/src/smsutil.c
> @@ -4628,7 +4628,7 @@ char *cbs_topic_ranges_to_string(GSList *ranges)
> }
>
> /* Space for ranges, commas and terminator null */
> - ret = g_new(char, len + nelem);
> + ret = g_new0(char, len + nelem + 1);
I'm having trouble seeing how the old code was wrong. nelem contains
the number of elements. Since the last element does not end with a
comma, the use of nelem + 1 in g_new is not necessary. sprintf takes
care of adding the terminating null, so using g_new0 is also less efficient.
Are you adding channels that are 5 digits long by any chance?
>
> len = 0;
>
Regards,
-Denis
next prev parent reply other threads:[~2011-02-16 15:25 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-16 12:04 [PATCH 1/1] src: out of bounds problem in smsutil Jessica Nilsson
2011-02-16 15:25 ` Denis Kenzior [this message]
2011-02-16 15:50 ` Andreas WESTIN
2011-02-16 16:02 ` Denis Kenzior
2011-02-16 16:13 ` Andreas WESTIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D5BEC5C.3000207@gmail.com \
--to=denkenz@gmail.com \
--cc=ofono@ofono.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.