I see, now. You are right.
This is a change from UUID_SIZE to HNAME_MAX that I missed when I was
adding the SHA3 capabilities a few months ago. I think the problem
should be fixed now on trunk. Let me know if you see anything else
that I've missed.
Thanks.
On 6/11/17, kowlsd3pw...@yahoo.co.jp <kowlsd3pw...@yahoo.co.jp> wrote:
> It is not a problem on the surface now,
> but internally it causes Buffer Overruns.
>
> (1) commit
> fossil commit -m "[$(fossil whatis trunk | grep -P "^artifact" | grep -o "[^
> ]*$")] " --allow-empty
>
> (2) insert test code and recomile
> Index: src/wikiformat.c
> ==================================================================
> --- src/wikiformat.c
> +++ src/wikiformat.c
> @@ -1113,10 +1113,17 @@
> int n;
> int rc;
> char zLower[UUID_SIZE+1];
> char zUpper[UUID_SIZE+1];
> n = strlen(zTarget);
> + if (n+1 > sizeof(zLower)){
> + @ <p style="color:red"><b>Error Buffer Overruns:</b>
> + @ n+1 is %d(n+1):
> + @ zLower size%d(sizeof(zLower)).
> + @ UUID_SIZE:%d(UUID_SIZE).
> + @ </p>
> + }
> memcpy(zLower, zTarget, n+1);
> canonical16(zLower, n+1);
> memcpy(zUpper, zLower, n+1);
> zUpper[n-1]++;
> if( once ){
>
> (3) access web timeline page
>
> Result
> Leaf:
> Error Buffer Overruns: n+1 is 65: zLower size41. UUID_SIZE:40.
> [a10fc448ed3fce5113c2a44d18df0172c64a55624c4e21572566144106791b04]
--
D. Richard Hipp
d...@sqlite.org
_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
