On Sun, Apr 13, 2014 at 08:38:11AM -0500, Ranjan Maitra wrote: > On Sun, 13 Apr 2014 09:15:04 -0400 Rahul Sundaram <methe...@gmail.com> > wrote: > > > Hi > > > > > > On Sun, Apr 13, 2014 at 6:23 AM, Timothy Murphy wrote: > > > > > Roger wrote: > > > > > > > It happened. It was known for years. > > > > > > Everything I have seen says it has been known for about 1 week. > > > > > > Incidentally, I am no programmer but I would have thought > > > it would be relatively simple to set up a test > > > to see if a "malloc"-ed space could be transgressed. > > > > > > > Not in this case. openssl uses a custom malloc > > > > So, a valgrind -tool=memcheck --leak-check=yes --show-reachable=yes > --track-fds=yes --track-origins=yes would not have helped?
AFAIU this is not a memory leak; it is a buffer overflow: lack of bounds checking. I do not think valgrind (or any other tool) can help with that. Feel free to correct me if I am wrong. Cheers, -- Suvayu Open source is the future. It sets us free. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
