-
Notifications
You must be signed in to change notification settings - Fork 318
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issues found with Coverity #207
Comments
Thank you for your report.
|
Thanks for your quick reply and analysis! |
Thanks so much for the quick analysis. The ARRAY_VS_SINGLETON issue that Coverity found is a false positive in this case. (It's a useful enough check, I've seen other programs do something similar, but fail to do the arithmetic to bound the access as has been done here, so I was pleased to see Coverity check for it.) Thanks for checking the other issues, some felt plausible and were difficult to tell without indepth knowledge. |
I think I've fixed everything except what I said in my previous comment that there was no problem. |
Excellent, thanks; does cbe9f8b represent a security issue or just a bug? Thanks |
I don't know what to answer, but I wasn't doing anything wrong, just exceeding the buffer size, so it's probably a security issue. |
I've asked MITRE to assign a CVE number for this issue; I've tried to summarize it as best I could, I'll write back if they assign one. Thanks! |
Use CVE-2020-26159 for the buffer overwrite in cbe9f8b . Thanks again, kkos. |
Thank you for letting me know. |
The following part of code in concat_opt_exact function seems to be affected by one-byte buffer overflow.
Could someone look at it? Thanks. |
Thank you for the fix. |
Note the CVE has been rejected in meanwhile. |
Hi,
As part of a Main Inclusion Request to support libonig in Ubuntu, we ran coverity on top of version 6.9.5 and it reported a total of 27 errors.
Could you please take a look at them and let us know in case of any false positives.
Thanks,
Eduardo
The text was updated successfully, but these errors were encountered: