coreutils

#1

Link : https://github.com/coreutils/coreutils/commit/4954f79ad2e38e4198af301bf52c3562af39d482
Description: Memory corruption during chunk extraction

At src/split.c

@@ -982,7 +982,7 @@ bytes_chunk_extract (uintmax_t k, uintmax_t n, char *buf, size_t bufsize,
   start = (k - 1) * (file_size / n);
   end = (k == n) ? file_size : k * (file_size / n);
+  if (start < initial_read)
-  if (initial_read != SIZE_MAX || start < initial_read)
     {
       memmove (buf, buf + start, initial_read - start);
       initial_read -= start;

Tags
#Invalid-condition #Memory-error #Address-sanitizer #Single-line #Modified

#2

Link : https://github.com/coreutils/coreutils/commit/d91aeef0527bf8ec0f83c3c3b69f3979c0b4c4a0
Description: Read from invalid memory with tabs in separator

At src/pr.c

@@ -1233,7 +1233,7 @@ init_parameters (int number_of_files)
         }
       /* It's rather pointless to define a TAB separator with column
          alignment */
+      else if (!join_lines && col_sep_length == 1 && *col_sep_string == '\t')
-      else if (!join_lines && *col_sep_string == '\t')
         col_sep_string = column_separator;
       truncate_lines = true;

Tags
#Invalid-condition #Memory-error #Address-sanitizer #Single-line #Modified

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

coreutils

#1

#2

HOME

TAGS

Lines

Patch Type

Error Type

#CVE

#Address_Sanitizer

Clone this wiki locally