[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#713037: xtermset overruns array bounds

Package: xtermset
Version: 0.5.2-5
Tags: patch

https://buildd.debian.org/~brlink/packages/x/xtermset.html warns that
it overrunns array bounds. Looking at the code, it defines a couple
arrays as c[2] and then writes to c[2], so there's a clear problem
here. It's confusing what they get indexed on, but running gdb on it
convinces me that 2 should be the highest index value, and hence the
arrays should be large enough with the patch.

It's really overwriting memory that it shouldn't. I don't know if it
coincidently works, or if it's not working right in rare circumstances
right now, but it is wrong.

Kie ekzistas vivo, ekzistas espero.

Attachment: xtermset-overrun.diff
Description: Binary data

Reply to: