NetBSD-Users archive


Re: Buffer Overflow - fvwrite.c and fread.c sources

On Tue, Dec 21, 2010 at 03:38:31PM +0530, nikunj badjatya wrote:
> I am just 3 months old to Linux and C programming.

This mailing list is about the NetBSD operating system, not about Linux.

> Recently started investigating on Buffer overflow issues with fvwrite.c and
> fread.c sources.

Please explain why you think there is a buffer overflow issue.
I've just reviewed the implementation of fread(3) in "fread.c" and
it looks fine to me.

> Present in lib/libc/stdio/* folder. Here's my investigation:-
> {
> There is a memcpy function.
> *1. at line 81 in fread.c -
> (void)memcpy((void *)p, (void *)fp->_p, (size_t)r);

Line 81 of "fread.c" looks like this:

        /* fp->_r = 0 ... done in __srefill */

> 2. and at line 168 in fvwrite.c. after expanding COPY macro*.

What COPY macro? There is no COPY macro defined or used in "fread.c".
Can you please explain which *NetBSD* sources you are looking at?

> How do I know the contents of FILE structure?

It is private to the library and therefore off limits.

        Kind regards

Matthias Scheler                        
