STR-784: Stack corruption in SSL_checksum
The SSL_checksum causes 1 byte to be written beyond the end of a stack-allocated buffer. See the following code:
char buf[32] ;
int i, offset = 0;for (i=0; i<16 ; i++) {
offset += sprintf(&(buf[offset]), “%02x”, digest[i]);
}I compiled strategoxt-0.17pre19210 on OS X 10.6.2 with gcc version 4.2.1 (Apple Inc. build 5646), which contains stack checking logic. The program was compiled using -m32 (due to other problems I encountered when using the default 64-bit compile).
This bug is triggered in certain situations in which str is compiling dynamic rules.
Here is a sample program which triggers it (strc exits with an abort trap signal):
module test
strategies
foo = rules(Test: “a” -> “b”)
main = if
Submitted on 8 December 2009 at 11:39
Issue Log
STR-784, rbvermaa:
This was resolved in revision 19744 by Lennart.
Log in to post comments