Re: Buffer Overflow - fvwrite.c and fread.c sources
On Tue, Dec 21, 2010 at 03:38:31PM +0530, nikunj badjatya wrote:
> I am just 3 months old to Linux and C programming.
This mailing list is about the NetBSD operating system, not about Linux.
> Recently started investigating on Buffer overflow issues with fvwrite.c and
> fread.c sources.
Please explain why you think there is a buffer overflow issue.
I've just reviewed the implementation of fread(3) in "fread.c" and
it looks fine to me.
> Present in lib/libc/stdio/* folder. Here's my investigation:-
> There is a memcpy function.
> *1. at line 81 in fread.c -
> (void)memcpy((void *)p, (void *)fp->_p, (size_t)r);
Line 81 of "fread.c" looks like this:
/* fp->_r = 0 ... done in __srefill */
> 2. and at line 168 in fvwrite.c. after expanding COPY macro*.
What COPY macro? There is no COPY macro defined or used in "fread.c".
Can you please explain which *NetBSD* sources you are looking at?
> How do I know the contents of FILE structure?
It is private to the library and therefore off limits.
Matthias Scheler http://zhadum.org.uk/