This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
[patch] fix buffer overflow in windres
- From: Thomas Weidenmueller <w3seek at reactos dot com>
- To: binutils at sources dot redhat dot com
- Date: Mon, 10 Oct 2005 17:26:06 +0200
- Subject: [patch] fix buffer overflow in windres
- Openpgp: id=397F03EB
There's a buffer overflow in res_to_bin_accelerator() where a word is
written outside of the range of the allocated memory. There's a bugfix
for this already (bug #1259) but instead of fixing the real issue, it
just increases the size of the buffer.
The attached patch should fix the bug correctly.
- Thomas
Index: binutils/resbin.c
===================================================================
RCS file: /cvs/src/src/binutils/resbin.c,v
retrieving revision 1.8
diff -u -r1.8 resbin.c
--- binutils/resbin.c 8 May 2005 14:17:39 -0000 1.8
+++ binutils/resbin.c 10 Oct 2005 14:56:27 -0000
@@ -1415,7 +1415,7 @@
d->data);
put_16 (big_endian, a->key, d->data + 2);
put_16 (big_endian, a->id, d->data + 4);
- put_16 (big_endian, 0, d->data + 8);
+ put_16 (big_endian, 0, d->data + 6);
d->next = NULL;
*pp = d;