Bug 3733 – Potential buffer overflow in http driver

Bug 3733 - Potential buffer overflow in http driver

Summary:

Potential buffer overflow in http driver

Status:	RESOLVED FIXED

Product:	XIO
Component:	Globus XIO
Version:	4.0.0
Platform:	PC All

Importance:	P3 normal
Target Milestone:	---
Assigned To:	Joe Bester

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2005-09-07 11:26 by Joe Bester
Modified:	2005-09-20 10:48 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Joe Bester 2005-09-07 11:26:12

(From Joe Link)

Just tripped on this today:

in globus_i_xio_http_client_write_request()

char     size_buffer[sizeof(globus_size_t)+3];

with the largefile post test (525), that buffer gets filled with
"4194304\r\n" and is overrun.  Which, in my case, corrupts the fifo on
the stack and causes a segv.  (this is with gcc-4.0.1, which is probably
relevant, as mike couldn't reproduce it on his system with an older gcc)

------- Comment #1 From Joe Bester 2005-09-20 10:48:34 -------

Fix committed to 4.0 branch and trunk