[avrdude-dev] [bug #54159] Buffer overflow in usbtiny.c

anonymous Wed, 20 Jun 2018 13:49:03 -0700

URL:
  <http://savannah.nongnu.org/bugs/?54159>


                 Summary: Buffer overflow in usbtiny.c
                 Project: AVR Downloader/UploaDEr
            Submitted by: None
            Submitted on: Wed 20 Jun 2018 08:47:58 PM UTC
                Category: None
                Severity: 3 - Normal
                Priority: 5 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: Marius Greuel
        Originator Email: [email protected]
             Open/Closed: Open
                 Release: 6.3
         Discussion Lock: Any
     Programmer hardware: usbtiny
             Device type: t85

    _______________________________________________________

Details:

There is a bug in usbtiny_paged_load() that causes a read/verify operation to
overflow the flash memory buffer and crash the application.

The chunk being read is always 128, regardless of the actual bytes requested
or bytes left.

See patch.txt for details.



    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Wed 20 Jun 2018 08:47:58 PM UTC  Name: patch.txt  Size: 791B   By: None

<http://savannah.nongnu.org/bugs/download.php?file_id=44398>

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?54159>

_______________________________________________
  Message sent via Savannah
  https://savannah.nongnu.org/


_______________________________________________
avrdude-dev mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/avrdude-dev

[avrdude-dev] [bug #54159] Buffer overflow in usbtiny.c

Reply via email to