** Changed in: epics-base/3.15
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of EPICS
Core Developers, which is subscribed to EPICS Base.
Matching subscriptions: epics-core-list-subscription
https://bugs.launchpad.net/bugs/1776141
Title:
Buffer overrun in dbpr with long INP field
Status in EPICS Base:
Fix Released
Status in EPICS Base 3.15 series:
Fix Committed
Status in EPICS Base 3.16 series:
Fix Released
Status in EPICS Base 7.0 series:
Fix Released
Bug description:
softIoc crashes with a buffer overflow in dbTest.c:1152 when running
"dbpr A 4" on the attached database file (test.db).
Root cause: pmsg points to msgBuff->message which has a fixed size of
128 but the output of sprintf can be longer.
I can see two potential solutions here:
1. Use snprintf() to prevent the buffer overflow.
2. Convert the file to C++ and use strings.
Note: dbTest.c contains a total of 23 sprintf() calls so there might
be potential for more issues...
To manage notifications about this bug go to:
https://bugs.launchpad.net/epics-base/+bug/1776141/+subscriptions
- Navigate by Date:
- Prev:
AW: Problems with hanging osiSockTest Zimoch Dirk (PSI) via Core-talk
- Next:
Re: Problems with hanging osiSockTest Johnson, Andrew N. via Core-talk
- Index:
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
<2020>
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
[Bug 1776141] Re: Buffer overrun in dbpr with long INP field Martin Konrad via Core-talk
- Next:
[Merge] ~info-martin-konrad/epics-base:backport-fix-for-lp1776141 into epics-base:3.15 Martin Konrad via Core-talk
- Index:
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
<2020>
2021
2022
2023
2024
|