Opened 6 years ago

Closed 5 years ago

#10221 closed bug (fixed)

Fixed arbitrary memory reading

Reported by: Ezodev Owned by: nobody
Priority: normal Milestone: R1
Component: - General Version: R1/Development
Keywords: gci2013 Cc:
Blocked By: Blocking:
Has a Patch: yes Platform: All


Found this in Coverity, CID:1108404

But, I'm 99% sure it is just false positive. I created tihs ticket because it may be serious bug.

Method BuildReportList reads what contains table of pointers of second parameter. But, this was uninitialized.

I saw this is 99% false positive because if it's kernel mode this willn't crash machine. But I saw preprocessor constant with word USERLAND and I'm not sure if it's kernel mode. If it's, setting this array to nulls is probably only wasting cpu cycles.

Attachments (1)

0001-Initializing-pointers-to-prevent-arbitrary-memory-re.patch (1002 bytes ) - added by Ezodev 6 years ago.

Download all attachments as: .zip

Change History (4)

comment:1 by Ezodev, 6 years ago

Has a Patch: set

comment:2 by Ezodev, 6 years ago

Last edited 6 years ago by umccullough (previous) (diff)

comment:3 by pulkomandy, 5 years ago

Resolution: fixed
Status: newclosed

Fixed in a slightly simpler way in hrev48546.

Note: See TracTickets for help on using tickets.