You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@xalan.apache.org by "Int3 (JIRA)" <ji...@apache.org> on 2015/03/02 05:30:04 UTC
[jira] [Updated] (XALANC-760) Code analysis revealed multiple
potential buffer overflows
[ https://issues.apache.org/jira/browse/XALANC-760?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Int3 updated XALANC-760:
------------------------
Attachment: XalanXMLFileReporter.patch
XalanExe.patch
MsgCreator.patch
InMemHandler.patch
> Code analysis revealed multiple potential buffer overflows
> ----------------------------------------------------------
>
> Key: XALANC-760
> URL: https://issues.apache.org/jira/browse/XALANC-760
> Project: XalanC
> Issue Type: Bug
> Components: XalanC
> Affects Versions: 1.11
> Reporter: Int3
> Assignee: Steven J. Hathaway
> Attachments: InMemHandler.patch, MsgCreator.patch, XalanExe.patch, XalanXMLFileReporter.patch
>
>
> src/xalanc/Harness/XalanXMLFileReporter.cpp
> The float at line 490 can exceed 40 bytes in length (max double is 317 bytes)
> src/xalanc/Utils/MsgCreator/MsgCreator.cpp
> This utility lacks any buffer bounding to protect against buffer overflows
> src/xalanc/Utils/MsgCreator/InMemHandler.cpp
> This utility lacks any buffer bounding to protect against buffer overflows
> src/xalanc/XalanExe/XalanExe.cpp
> There is no upper bound on n_maxParams
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@xalan.apache.org
For additional commands, e-mail: dev-help@xalan.apache.org