OSGeo.org › OSGeo Software and Data Projects › GRASS › Grass - Dev

[GRASS GIS] #800: r.random - buffer overflow on long mapset/map names

4 messages Options
Embed this post
Permalink
GRASS GIS

[GRASS GIS] #800: r.random - buffer overflow on long mapset/map names

Reply Threaded More More options
Print post
Permalink
#800: r.random - buffer overflow on long mapset/map names
--------------------------+-------------------------------------------------
 Reporter:  ferrouswheel  |       Owner:  [hidden email]
     Type:  defect        |      Status:  new                      
 Priority:  normal        |   Milestone:  6.4.0                    
Component:  default       |     Version:  unspecified              
 Keywords:                |    Platform:  Unspecified              
      Cpu:  Unspecified   |  
--------------------------+-------------------------------------------------
 In r.random/support.c there are sprintf calls which cause buffer overflow
 errors when the map names and mapsets are too long. I've attached a patch
 to replace with snprintf. This truncates the messages, but the RECORD_LEN
 for the History struct is by default only 80.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/800>
GRASS GIS <http://grass.osgeo.org>

_______________________________________________
grass-dev mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/grass-dev
GRASS GIS

Re: [GRASS GIS] #800: r.random - buffer overflow on long mapset/map names

Reply Threaded More More options
Print post
Permalink
#800: r.random - buffer overflow on long mapset/map names
---------------------------+------------------------------------------------
  Reporter:  ferrouswheel  |       Owner:  [hidden email]
      Type:  defect        |      Status:  new                      
  Priority:  normal        |   Milestone:  6.4.0                    
 Component:  Raster        |     Version:  svn-develbranch6        
Resolution:                |    Keywords:                          
  Platform:  All           |         Cpu:  All                      
---------------------------+------------------------------------------------
Changes (by ferrouswheel):

  * platform:  Unspecified => All
  * version:  unspecified => svn-develbranch6
  * component:  default => Raster
  * cpu:  Unspecified => All

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/800#comment:1>
GRASS GIS <http://grass.osgeo.org>

_______________________________________________
grass-dev mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/grass-dev
GRASS GIS

Re: [GRASS GIS] #800: r.random - buffer overflow on long mapset/map names

Reply Threaded More More options
Print post
Permalink
In reply to this post by GRASS GIS
#800: r.random - buffer overflow on long mapset/map names
---------------------------+------------------------------------------------
  Reporter:  ferrouswheel  |       Owner:  [hidden email]
      Type:  defect        |      Status:  new                      
  Priority:  normal        |   Milestone:  6.4.0                    
 Component:  Raster        |     Version:  svn-develbranch6        
Resolution:                |    Keywords:                          
  Platform:  All           |         Cpu:  All                      
---------------------------+------------------------------------------------
Comment (by glynn):

 Replying to [ticket:800 ferrouswheel]:
 > In r.random/support.c there are sprintf calls which cause buffer
 overflow errors when the map names and mapsets are too long. I've attached
 a patch to replace with snprintf.

 snprintf() isn't in C89; if you want to use it, you need to add a
 configure check, and provide an alternate in case it isn't available.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/800#comment:2>
GRASS GIS <http://grass.osgeo.org>

_______________________________________________
grass-dev mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/grass-dev
GRASS GIS

Re: [GRASS GIS] #800: r.random - buffer overflow on long mapset/map names

Reply Threaded More More options
Print post
Permalink
In reply to this post by GRASS GIS
#800: r.random - buffer overflow on long mapset/map names
---------------------------+------------------------------------------------
  Reporter:  ferrouswheel  |       Owner:  [hidden email]
      Type:  defect        |      Status:  new                      
  Priority:  normal        |   Milestone:  6.4.0                    
 Component:  Raster        |     Version:  svn-develbranch6        
Resolution:                |    Keywords:                          
  Platform:  All           |         Cpu:  All                      
---------------------------+------------------------------------------------
Comment (by hamish):

 Hi,

 title overflow fixed in 6.5svn with r39679. I notice that a similar
 problem exists with the (priorly redundant but now relevant) data source
 metadata. IIRC those are limited to 80 (??) chars currently by gis.h.

 the @mapset part can be dropped for starters, and G_command_history()
 added.

 nothing ported to other branches yet.


 Hamish

--
Ticket URL: <https://trac.osgeo.org/grass/ticket/800#comment:3>
GRASS GIS <http://grass.osgeo.org>

_______________________________________________
grass-dev mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/grass-dev
Free Embeddable Forum Powered by Nabble Help