Malloc handling bugs in grep

bug-gnu-utils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Malloc handling bugs in grep

From:	Sorav Bansal
Subject:	Malloc handling bugs in grep
Date:	Tue, 21 Sep 2004 12:46:32 -0700 (PDT)

Hi,

  My bug-finding tool has discovered malloc-handling bugs in the current
grep distribution (grep-2.5).

  I am reporting the bugs here. I would be sending along more bugs later
if I find them :-)

cheers,
Sorav

Bug #1:
------
dfa.c: 3566
        dma->exact = exact

dma is not checked against NULL before being dereferenced.

Bug #2:
------
dfa.c: 3568
        strcpy(dm->must,result)

dm->must is not checked against NULL before being passed to strcpy


Bug #3:
------
search.c: 238
        strcpy (n, match_lines ? line_beg : word_beg);
"n" is malloced but not checked against NULL before being passed to strcpy

[Prev in Thread]

Current Thread

[Next in Thread]

Malloc handling bugs in grep, Sorav Bansal <=
- Re: Malloc handling bugs in grep, Stepan Kasal, 2004/09/26

Prev by Date: ld: undefined reference to unused function
Next by Date: Re: [PATCH] Permit user to select keys when using sdiff merge
Previous by thread: ld: undefined reference to unused function
Next by thread: Re: Malloc handling bugs in grep
Index(es):
- Date
- Thread