Fix buffer overflow causing heap corruption #62

Open
wants to merge 2 commits into
from

Conversation

Projects
None yet
1 participant

in src/hook/alsa.c: Is allocating len bytes for device name contained
in '-a' option values. Last char index is len-1 and code NULL terminate
the string one byte after the end of the array.

I have documented the possible effect of the buffer overflow here:
http://blog.olivierlanglois.net/index.php/2013/12/11/deadlock_when_using_glc

Micro optimization: I have replaced malloc+memset combo with calloc:
Rationale documented here:
http://blog.olivierlanglois.net/index.php/2013/12/11/malloc_memset_vs_calloc_which_is_better

in src/glc/common/log.c: Make log file stream line buffered (like stderr) to see traces
as they happen.

lano1106 and others added some commits Dec 12, 2013

@lano1106 lano1106 Fix buffer overflow causing heap corruption
in src/hook/alsa.c: Is allocating len bytes for device name contained
in '-a' option values. Last char index is len-1 and code NULL terminate
the string one byte after the end of the array.

I have documented the possible effect of the buffer overflow here:
http://blog.olivierlanglois.net/index.php/2013/12/11/deadlock_when_using_glc

Micro optimization: I have replaced malloc+memset combo with calloc:
Rationale documented here:
http://blog.olivierlanglois.net/index.php/2013/12/11/malloc_memset_vs_calloc_which_is_better

in src/glc/common/log.c: Make log file stream line buffered (like stderr) to see traces
as they happen.
855d214
Olivier Langlois Add missing param. c623179
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment