Opened 11 years ago

Closed 10 years ago

#10221 closed bug (fixed)

Fixed arbitrary memory reading

Reported by: Ezodev Owned by: nobody
Priority: normal Milestone: R1
Component: - General Version: R1/Development
Keywords: gci2013 Cc:
Blocked By: Blocking:
Platform: All

Description

Found this in Coverity, CID:1108404

But, I'm 99% sure it is just false positive. I created tihs ticket because it may be serious bug.

Method BuildReportList reads what contains table of pointers of second parameter. But, this was uninitialized.

I saw this is 99% false positive because if it's kernel mode this willn't crash machine. But I saw preprocessor constant with word USERLAND and I'm not sure if it's kernel mode. If it's, setting this array to nulls is probably only wasting cpu cycles.

Attachments (1)

0001-Initializing-pointers-to-prevent-arbitrary-memory-re.patch (1002 bytes ) - added by Ezodev 11 years ago.

Download all attachments as: .zip

Change History (4)

comment:1 by Ezodev, 11 years ago

patch: 01

comment:2 by Ezodev, 11 years ago

I've written this comment in wrong ticket, sorry.

Version 1, edited 11 years ago by Ezodev (previous) (next) (diff)

comment:3 by pulkomandy, 10 years ago

Resolution: fixed
Status: newclosed

Fixed in a slightly simpler way in hrev48546.

Note: See TracTickets for help on using tickets.