thr3ads.net - openssh bugs - [Bug 2684] New: calling realloc with a size <= 0 [Feb 2017]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at bugzilla.mindrot.org

2017-Feb-25 20:50 UTC

[Bug 2684] New: calling realloc with a size <= 0

https://bugzilla.mindrot.org/show_bug.cgi?id=2684

            Bug ID: 2684
           Summary: calling realloc with a size <= 0
           Product: Portable OpenSSH
           Version: -current
          Hardware: amd64
                OS: FreeBSD
            Status: NEW
          Severity: normal
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: trix at juniper.net

Created attachment 2949
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2949&action=edit
The fix for master branch at commit id
d5499190559ebe374bcdfa8805408646ceffad64

Problem flagged by clang's static analyzer as :
Undefined allocation of 0 bytes (CERT MEM04-C; CWE-131) 

The fix is the check the inputs better.
See the attachment for the location/fix

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2017-Feb-28 06:06 UTC

head link

[Bug 2684] calling realloc with a size <= 0

https://bugzilla.mindrot.org/show_bug.cgi?id=2684

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
realloc with 0 size is defined as per
http://pubs.opengroup.org/onlinepubs/009695399/functions/realloc.html
> If size is 0, either a null pointer or a unique pointer that can be 
> successfully passed to free() shall be returned
-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2017-Jun-09 04:46 UTC

head link

[Bug 2684] calling realloc with a size <= 0

https://bugzilla.mindrot.org/show_bug.cgi?id=2684

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |WONTFIX
             Status|NEW                         |RESOLVED

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

bugzilla-daemon at mindrot.org

2021-Apr-23 04:55 UTC

head link

[Bug 2684] calling realloc with a size <= 0

https://bugzilla.mindrot.org/show_bug.cgi?id=2684

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

Possibly Parallel Threads

Search for more maybe matching threads

openssh bugs - Feb 2017 - [Bug 2684] New: calling realloc with a size <= 0

[Bug 2684] New: calling realloc with a size <= 0

[Bug 2684] calling realloc with a size <= 0

[Bug 2684] calling realloc with a size <= 0

[Bug 2684] calling realloc with a size <= 0

Possibly Parallel Threads