On Friday 20 June 2008 15:43:47 Jan-Oliver Wagner wrote: > Hi, > > On Freitag, 20. Juni 2008, [EMAIL PROTECTED] wrote: > > Author: mwiegand > > Date: 2008-06-20 16:14:39 +0200 (Fri, 20 Jun 2008) > > New Revision: 944 > > > > Modified: > > trunk/openvas-client/ChangeLog > > trunk/openvas-client/libnessus/hlst.c > > Log: > > Avoid sorting an hlst if it has no entries since that will lead to an > > emalloc issue under certain conditions. > > I guess the very same problem is in > openvas-libraries/libopenvas/hlst.c ? > > Best > > Jan
Michael and I have been diagnosing the problem, I have patched it in openvas-libraries trunk. Essentially there are two problems.. on amd64 we see strange behaviour which leads to the overly large size value being passed to parameter. A more generic problem is that this function (and probably others) trust unvalidated data and use them as part of calls to emalloc (and by proxy malloc). A thorough review of all calls to emalloc()/XMALLOC would be advised. I have a test case for the amd64 problem, which I will add to the bug report. Cheers, Tim -- Tim Brown <mailto:[EMAIL PROTECTED]> <http://www.nth-dimension.org.uk/> _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
