NetBSD-Bugs archive


bin/44390: ftpd/ftpcmd.y inet6 case has out of range subscripts



>Number:         44390
>Category:       bin
>Synopsis:       ftpd/ftpcmd.y inet6 case has out of range subscripts
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jan 14 20:00:00 +0000 2011
>Originator:     Paul Koning
>Release:        5.0.0
>Organization:
Dell
>Environment:
>Description:
When building 5.0 from source using GCC 4.5.1, I get some error messages due to 
new checks in the compiler.  Some have been reported before; this one 
apparently not.

libexec/ftpd/ftpcmd.y at line 979 and up loads data into a[8] and up.  But "a" 
is a cast to struct sockaddr_in6 of variable dest_addr which is struct 
sockinet.  

Apparently the out of bounds references are not seen as such by older 
compilers; they are fooled by the cast.  GCC 4.5.1 is not fooled and complains.

Obviously I can hide the error by more casting, but it seems to me that this is 
actually a memory overwrite error and that can't be a good thing.
>How-To-Repeat:
Build ftpd with a sufficiently new compiler
>Fix:



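The following is an added example, not part of the original report and not code from the NetBSD tree. It shows one defensive way to store the 16 bytes of an IPv6 address so that indexes 8 to 15 cannot land outside the destination object: build a properly typed `struct sockaddr_in6`, then copy it with an explicit size check. The names `union dest_store` and `set_inet6_dest` are hypothetical; the real layout of `struct sockinet` is not shown in the report.

```c
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Hypothetical stand-in for ftpd's address holder (an assumption; the
 * report does not show the real struct sockinet). */
union dest_store {
    struct sockaddr     sa;
    struct sockaddr_in  sin;
    struct sockaddr_in6 sin6;
};

/* Compile-time guard: the storage must hold a full sockaddr_in6, so the
 * upper half of the IPv6 address stays inside the object. */
_Static_assert(sizeof(union dest_store) >= sizeof(struct sockaddr_in6),
               "destination too small for sockaddr_in6");

/* Store 16 parsed address bytes and a port into caller-supplied storage.
 * Returns 0 on success, -1 if the storage is too small or any value is
 * outside 0..255. Nothing is written on failure. */
int set_inet6_dest(void *store, size_t store_len,
                   const int addr[16], int port_hi, int port_lo)
{
    struct sockaddr_in6 sin6;
    size_t i;

    if (store == NULL || store_len < sizeof(sin6))
        return -1;
    if (port_hi < 0 || port_hi > 255 || port_lo < 0 || port_lo > 255)
        return -1;

    memset(&sin6, 0, sizeof(sin6));
    sin6.sin6_family = AF_INET6;
    for (i = 0; i < sizeof(sin6.sin6_addr.s6_addr); i++) {
        if (addr[i] < 0 || addr[i] > 255)
            return -1;
        sin6.sin6_addr.s6_addr[i] = (unsigned char)addr[i];
    }
    sin6.sin6_port = htons((unsigned short)((port_hi << 8) | port_lo));

    /* Typed build first, then a single copy bounded by the check above. */
    memcpy(store, &sin6, sizeof(sin6));
    return 0;
}
```

Passing storage the size of `struct sockaddr_in` makes the function return -1 instead of writing past the end, which is the condition the compiler diagnostic in the report points at.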