hdr.version is defined as: char version[4]. "version" is extern, so the length is unknown at compile time. At runtime, however, the problem happens, as "version" is ultimately defined as "7.11.1" via rss/version.c and /VERSION. This is a real overflow. I recommend the following patch for the moment until upstream has a better suggestion:

    strncpy(hdr.version, version, sizeof(hdr.version));

This will leave the hdr.version unterminated, but based on other code that tries to read it, this field appears to be evaluated not as a string, so it's likely to be okay. If not, use:

    strncpy(hdr.version, version, sizeof(hdr.version));
    hdr.version[sizeof(hdr.version)-1]='\0';

-- 
icmake disables FORTIFY
https://bugs.launchpad.net/bugs/301624
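
The two strncpy variants suggested above, as an added example that is not part of the original bug comment or the project's code. struct hdr_demo, its guard byte and the helper names are hypothetical; only the 4-byte version field and the "7.11.1" string come from the report. It shows what each variant leaves in the field, and a reader that never looks past the 4 bytes.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the header in the report: only the 4-byte
 * version field is taken from it; the guard byte is added here so that
 * a write past the field would be observable. */
struct hdr_demo {
    char version[4];
    char guard;
};

/* First variant from the report: bounded copy, no terminator added. */
static void set_version_raw(struct hdr_demo *h, const char *v)
{
    strncpy(h->version, v, sizeof(h->version));
}

/* Second variant: bounded copy, last byte of the field forced to NUL. */
static void set_version_str(struct hdr_demo *h, const char *v)
{
    strncpy(h->version, v, sizeof(h->version));
    h->version[sizeof(h->version) - 1] = '\0';
}

/* Reader that is safe for either variant: scans at most 4 bytes. */
static size_t version_len(const struct hdr_demo *h)
{
    const char *nul = memchr(h->version, '\0', sizeof(h->version));
    return nul ? (size_t)(nul - h->version) : sizeof(h->version);
}

/* Returns 1 if a NUL occurs inside the field, 0 otherwise. */
static int version_terminated(const struct hdr_demo *h)
{
    return memchr(h->version, '\0', sizeof(h->version)) != NULL;
}

int main(void)
{
    struct hdr_demo a = { "", 'G' }, b = { "", 'G' };
    set_version_raw(&a, "7.11.1");   /* version string quoted in the report */
    set_version_str(&b, "7.11.1");
    printf("raw: \"%.*s\" terminated=%d guard=%c\n",
           (int)version_len(&a), a.version, version_terminated(&a), a.guard);
    printf("str: \"%.*s\" terminated=%d guard=%c\n",
           (int)version_len(&b), b.version, version_terminated(&b), b.guard);
    return 0;
}
```

With the first variant the field holds four bytes and no terminator, so any consumer must use a length-bounded read such as "%.*s" or memcmp; with the second it holds a three-character C string.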
