[PATCH] potential array overrun
Marc Lehmann
schmorp at schmorp.de
Mon Jun 11 14:49:34 CEST 2012
On Mon, Jun 11, 2012 at 08:43:03AM -0400, Steve Grubb <sgrubb at redhat.com> wrote:
> if signum is 65, it won't return. This gets decremented to 64 and then used as
> an index for a memory write. This is 1 over the top since 63 is the largest
> valid index. I doubt this causes any problems, but a patch below should fix the
Thanks - while the patch is correct note that it doesn't fix anything,
because passing illegal signal numbers is not supported by libev, and thus
not checked in all cases, so a program exhibiting a bug in this area might
still cause overruns elsewhere (e.g. in ev_signal_start, which has an
assertion only for this check).
--
The choice of a Deliantra, the free code+content MORPG
-----==- _GNU_ http://www.deliantra.net
----==-- _ generation
---==---(_)__ __ ____ __ Marc Lehmann
--==---/ / _ \/ // /\ \/ / schmorp at schmorp.de
-=====/_/_//_/\_,_/ /_/\_\
More information about the libev
mailing list