Bug 474366 – buffer overflow in ir_fetch_seq()

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 474366 - buffer overflow in ir_fetch_seq()


Summary:	buffer overflow in ir_fetch_seq()


Status:	RESOLVED FIXED

Product:	balsa
Classification:	Other
Component:	general
Version:	2.3.x
Hardware:	Other All

Importance:	Normal critical
Target Milestone:	---
Assigned To:	Balsa Maintainers
QA Contact:	Balsa Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2007-09-06 21:08 UTC by Evil Ninja Squirrel
Modified:	2007-09-07 21:31 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
Patch against SVN trunk (588 bytes, patch) 2007-09-06 21:10 UTC, Evil Ninja Squirrel	none	Details \| Review

Description Evil Ninja Squirrel 2007-09-06 21:08:47 UTC

Steps to reproduce:
I've found a buffer overflow in ir_fetch_seq(). It continues to read and read more data without checking if it starts writing outside of a char array.

Stack trace:


Other information:

Comment 1 Evil Ninja Squirrel 2007-09-06 21:10:06 UTC

Created attachment 95088 [details] [review]
Patch against SVN trunk

Comment 2 Pawel Salek 2007-09-07 21:31:33 UTC

Thanks a lot for spotting this. The patch has been commited, and balsa-2.3.20 released.