On 20.05.2014 18:51 UTC+0200, Sebastian Krzyszkowiak wrote: > On Fri, May 16, 2014 at 11:52 AM, Lukas Maerdian <l...@slyon.de> wrote: >> I've currently not environment and time to fix this issue, but I'd >> like to have it on the SHR-devel list for reference. >> >> BR, >> Lukas >> >> >> ---------- Forwarded message ---------- >> From: Michael Tautschnig <m...@debian.org> >> Date: 2014-05-15 12:15 GMT+02:00 >> Subject: [pkg-fso-maint] Bug#748209: Function declaration without >> parameter type list shadows stack underflow >> To: b...@debian.org >> >> >> Package: libphone-ui >> Version: 1:0.0.1+git20110825-3 >> Usertags: goto-cc >> >> During an analysis of all packages using our research compiler tool-chain >> (using >> tools from the cbmc package) the following error was found: >> >> The declaration of _fso_pim_dates in dbus.h >> >> http://sources.debian.net/src/libphone-ui/1:0.0.1+git20110825-3/src/dbus.h?hl=35#L35 >> >> shadows the fact that _fso_pim_dates actually requires an argument: >> >> http://sources.debian.net/src/libphone-ui/1:0.0.1+git20110825-3/src/dbus.c?hl=70#L70 >> >> Consequently the call here: >> >> http://sources.debian.net/src/libphone-ui/1:0.0.1+git20110825-3/src/phoneui-utils.c?hl=399#L399 >> >> will cause a stack underflow and thus results in undefined behaviour (here >> this >> might cause reading of an arbitrary g-object-path, which may result in memory >> errors or even inappropriately accessing data). >> >> Best, >> Michael > > Just pushed fixes to libphone-ui and libfsoframework: > > http://git.shr-project.org/git/?p=libphone-ui.git;a=commit;h=d752cdf6a3918cd0737f09e8f592cfda46f976f2 > http://git.freesmartphone.org/?p=cornucopia.git;a=commit;h=fac64d3accdc0d2cea92adb02ccc4c77a33249e6
Thanks a lot, Sebastian! BR, Lukas
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shr-devel mailing list Shr-devel@lists.shr-project.org http://lists.shr-project.org/mailman/listinfo/shr-devel
