date:20250318

bug#76907: Potential buffer overflow in getsockopt

2025-03-18 Thread Rob Browning

Mike Gran via "Bug reports for GUILE, GNU's Ubiquitous Extension
Language"  writes:

> struct timeval is a potential return value of struct getsockopt, but,
> when HAVE_STRUCT_LINGER is not defined, scm_t_getsockopt_result may
> be too small to hold a struct timeval.

Pushed to main along with a commit to add -Werror=array-bounds when
available which would have caught the issue.

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4

bug#75860: Somewhat confusing exception message with append

2025-03-18 Thread Rob Browning

Tomas Nordin  writes:

> But, in both cases the faulty argument is reported to be in position 1.
> I would expect maybe position 2 to be complained about from the second
> call.

...and it appears to be correct when run via -c or a script.

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4

bug#76907: Potential buffer overflow in getsockopt

bug#75860: Somewhat confusing exception message with append

2 matches

Site Navigation

Mail list logo

Footer information