Package: libidn11
Version: 1.28-1
Severity: normal
Dear Maintainer,
compiling and running a C program using valgrind leads to 'invalid read of
size 4' report.
The code snippet is
#include stdio.h
#include idna.h
void main(void)
{
char *host_asc = NULL;
idna_to_ascii_8z(www.exampl.com, host_asc, IDNA_USE_STD3_ASCII_RULES);
printf(-%s\n,host_asc);
}
Compiling it with gcc 4.8.1-10 and executing the executable with
valgrind ./x
leads to
==8903== Invalid read of size 4
==8903==at 0x4E386A2: idna_to_ascii_4z (in /usr/lib/x86_64-linux-
gnu/libidn.so.11.6.11)
==8903==by 0x4E38919: idna_to_ascii_8z (in /usr/lib/x86_64-linux-
gnu/libidn.so.11.6.11)
==8903==by 0x400642: main (in /home/tim/src/mget/tmp/x)
==8903== Address 0x54121c8 is 8 bytes inside a block of size 11 alloc'd
==8903==at 0x4C2B72E: realloc (vg_replace_malloc.c:662)
==8903==by 0x4E3870D: idna_to_ascii_4z (in /usr/lib/x86_64-linux-
gnu/libidn.so.11.6.11)
==8903==by 0x4E38919: idna_to_ascii_8z (in /usr/lib/x86_64-linux-
gnu/libidn.so.11.6.11)
==8903==by 0x400642: main (in /home/tim/src/mget/tmp/x)
Using www.example.com (or any string with one byte longer) does not trigger
valgrind.
The printf() prints in both cases the expected result.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.10-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libidn11:amd64 depends on:
ii libc6 2.17-92+b1
ii multiarch-support 2.17-92+b1
libidn11:amd64 recommends no packages.
libidn11:amd64 suggests no packages.
-- no debconf information
signature.asc
Description: This is a digitally signed message part.