[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#148221: dpkg: Small off by one error in parseversion()

Package: dpkg
Version: 1.9.21
Severity: normal
Tags: patch

The following patch fixes a off by one error in dpkg.  It reads one
past the allocated buffer.

I discovered it using valgrind,
<URL:http://developer.kde.org/~sewardj/>.

--- lib/parsehelp.c.orig        Sun May 26 19:24:23 2002
+++ lib/parsehelp.c     Sun May 26 19:22:34 2002
@@ -214,7 +214,7 @@
   } else {
     rversion->epoch= 0;
   }
-  rversion->version= nfstrnsave(string,end-string+1);
+  rversion->version= nfstrnsave(string,end-string);
   hyphen= strrchr(rversion->version,'-');
   if (hyphen) *hyphen++= 0;
   rversion->revision= hyphen ? hyphen : "";


-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux diskless 2.4.18-686 #2 Wed Mar 20 20:21:31 EST 2002 i686
Locale: LANG=C, LC_CTYPE=no_NO

Versions of packages dpkg depends on:
ii  libc6                    2.2.5-6         GNU C Library: Shared libraries an
ii  libncurses5              5.2.20020112a-7 Shared libraries for terminal hand
ii  libstdc++2.10-glibc2.2   1:2.95.4-7      The GNU stdc++ library


-- 
To UNSUBSCRIBE, email to debian-dpkg-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: