https://bugs.kde.org/show_bug.cgi?id=515612
Bug ID: 515612
Summary: Sanity check VG_(realpath) and VG_(readlink) return
values
Classification: Developer tools
Product: valgrind
Version First 3.26.0
Reported In:
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
There are a couple of places in the code where the result of VG_(realpath) or
VG_(readlink) isn't being checked. This could potentially cause some array
underflow writes (to array[-1]) and/or the use of undefined (stack) memory. In
one case an overly long path could write beyond a temporary buffer. All these
cases are probably very unlikely to be hit, but could cause errors or warnings
from valgrind to be garbled.
--
You are receiving this mail because:
You are watching all bug changes.
