Mark,
Thanks. It seems quite evident. I will try to set up a scenario to catch it
with valgrind though. Do you think it would be easy? I believe you deem it
unnecessary, right?
Thanks,
Antonio
> On 3 Jul 2017, at 9:09, Mark Hermeling wrote:
>
> Antonio,
>
> That is certainly true o

Antonio,
That is certainly true once the modification that I proposed is applied. You
need to allocate the space of the string, plus one character for the EOL.
However, with the current code you allocate enough memory for the string and
then move the pointer one character to the right. It is a

Hi Mark,
Thanks for finding this potential bug and for providing a fix. However, how
would you reply to the comment that is written right before the line you
mentioned (I am not the author):
/* This doesn't have buffer overflow vulnerabilities, because
we always allocate for enough spa

Hello,
There is a buffer overrun in return_append_str in src/frontend/lexpgn.cc at line
2224:
newloc = (char *) malloc(strlen(s))+1;
The line should read:
newloc = (char *) malloc(strlen(s)+1);
We found this using static analysis using CodeSonar. I don’t have an actual
path th
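
An added illustration, not code from the project or from anyone in this thread, of what the two allocation lines quoted above do to the heap block. `guarded_alloc`, `overrun` and `copy_and_measure` are hypothetical helpers, the sample string is constructed, and the code assumes the caller stores the string plus its terminator at `newloc`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD  8      /* canary bytes placed after each block */
#define CANARY 0xA5

/* Constructed stand-in for malloc(): the caller's n bytes sit at the front
   of a larger real allocation, followed by GUARD canary bytes, so writes
   past the n-byte block are observable and stay inside memory we own. */
typedef struct { unsigned char *base; size_t n; } block_t;

static block_t guarded_alloc(size_t n) {
    block_t b = { malloc(n + GUARD), n };
    if (b.base) memset(b.base + n, CANARY, GUARD);
    return b;
}

/* Number of canary bytes overwritten, i.e. bytes written past the block. */
static size_t overrun(const block_t *b) {
    size_t hit = 0;
    for (size_t i = 0; i < GUARD; i++)
        if (b->base[b->n + i] != CANARY) hit++;
    return hit;
}

/* Stores s plus its terminator at the pointer each allocation line yields
   and returns how many bytes landed outside the requested block.
   buggy != 0 models malloc(strlen(s))+1; buggy == 0 models malloc(strlen(s)+1). */
static size_t copy_and_measure(const char *s, int buggy) {
    size_t len = strlen(s);
    block_t b = guarded_alloc(buggy ? len : len + 1);
    if (!b.base) return (size_t)-1;
    char *newloc = (char *)b.base + (buggy ? 1 : 0); /* pointer shifted by one */
    memcpy(newloc, s, len + 1);          /* assumed use: store s plus NUL */
    size_t hit = overrun(&b);
    free(b.base);                        /* free the real base, never newloc */
    return hit;
}

int main(void) {
    const char *s = "1. e4 e5";          /* constructed sample input */
    printf("misplaced parenthesis: %zu bytes past the block\n", copy_and_measure(s, 1));
    printf("corrected line:        %zu bytes past the block\n", copy_and_measure(s, 0));
    return 0;
}
```

With the misplaced parenthesis the pointer handed back is also not an address that malloc returned, so passing it to free() would be a second defect.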