[Bugme-janitors] [Bug 9565] New: Possible buffer overflow

bugme-daemon at bugzilla.kernel.org bugme-daemon at bugzilla.kernel.org
Fri Dec 14 14:47:33 PST 2007


http://bugzilla.kernel.org/show_bug.cgi?id=9565

           Summary: Possible buffer overflow
           Product: Drivers
           Version: 2.5
     KernelVersion: 2.6.23
          Platform: All
        OS/Version: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: Video(Other)
        AssignedTo: drivers_video-other at kernel-bugs.osdl.org
        ReportedBy: marciobuss at gmail.com


On file drivers/video/neofb.c it seems there are multiple buffer overrrun
errors involving "info->fix.id" For example, on line 2103 the statement

sprintf(info->fix.id, "MagicGraph 256XL+");

writes 18 bytes (including the terminator character) into info->fix.id,
yet fix.id is only 16 bytes long. Is there any catch here, or the programmer
did overlook the lenght of "id"?


-- 
Configure bugmail: http://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.


More information about the Bugme-janitors mailing list