AddressSanitizer: heap-buffer-overflow daemon/remote/XmlRpc.cpp:896 in XmlCommand::NextParamAsInt(int*) #567
Comments
Back from holiday, I could spend some time on this: the ASAN heap-buffer-overflow is gone with this code (see original https://github.com/nzbget/nzbget/blob/develop/daemon/remote/XmlRpc.cpp#L896-L900 )
So: just return if the end of the string is reached. I don't know if @hugbug any feedback on this? The debugging was this:
... and then de ASAN Heap Overflow kicked in. |
Thank you for fixing this. I think the following version should do the same but is compacter, can you test it?
|
Ah, that is much more elegant code. 👍 Tested, and it works! No heap overflow with ASAN compiled in. (FWIW: I ignored that line |
It was meant Would you like to create a PR? |
fixed potential crash in web-interface.
I was playing with Address Sanitizer (https://github.com/google/sanitizers/wiki/AddressSanitizer): compiled nzbget (github version) with it, started nzbget (worked), but as soon as I access nzbget via the webinterface, nzbget stops and the console says the below. So a heap-buffer-overflow daemon/remote/XmlRpc.cpp:896 in XmlCommand::NextParamAsInt(int*).
Is this useful?
Please note: just playing with ASan.
PS:
This is how I configured (hacked?) Address Sanitizer aka ASAN into nzbget's Makefile:
The text was updated successfully, but these errors were encountered: