Skip to content

Fixing two buffer overflow issues #592

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dutow wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Fixing two buffer overflow issues #592

dutow wants to merge 2 commits into from

Conversation

@dutow
Copy link
Contributor

@dutow dutow commented Dec 5, 2025

Correct the size of tmp array

The snprintf using it should work with any int, which means this string
has to fit ",-2147483648\0", which is 12 characters + a null terminator.

Otherwise it could lead to a buffer overflow, corrupting other variables
on the stack, and maybe causing a crash too?

Fix resp_calls array size

This got broken during a refactoring in de71282. We need the plus 2
items because of the overflow/underflow bucket, without that we can
possibly overindex this array and corrupt other counters.

In earlier versions we even had the encoding variable stored directly
after this array, which possibly caused crashes or incorrectly working
string functions.

dutow added 2 commits December 5, 2025 19:46
@dutow
Correct the size of tmp array
3a647a2 
The snprintf using it should work with any int, which means this string
has to fit ",-2147483648\0", which is 12 characters + a null terminator.

Otherwise it could lead to a buffer overflow, corrupting other variables
on the stack, and maybe causing a crash too?
@dutow
Fix resp_calls array size
9fd3141 
This got broken during a refactoring in de71282. We need the plus 2
items because of the overflow/underflow bucket, without that we can
possibly overindex this array and corrupt other counters.

In earlier versions we even had the encoding variable stored directly
after this array, which possibly caused crashes or incorrectly working
string functions.
@dutow dutow requested a review from artemgavrilov as a code owner December 5, 2025 19:52
@codecov
Copy link

codecov bot commented Dec 5, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.46%. Comparing base (71b045b) to head (9fd3141).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #592      +/-   ##
==========================================
- Coverage   85.48%   85.46%   -0.02%     
==========================================
  Files           3        3              
  Lines        1343     1342       -1     
  Branches      215      215              
==========================================
- Hits         1148     1147       -1     
  Misses         92       92              
  Partials      103      103

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@artemgavrilov artemgavrilov artemgavrilov approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dutow @artemgavrilov