GNU bug report logs - #76907
Potential buffer overflow in getsockopt

Previous Next

Package: guile;

Reported by: Mike Gran <spk121 <at> yahoo.com>

Date: Mon, 10 Mar 2025 00:58:02 UTC

Severity: normal

Done: Rob Browning <rlb <at> defaultvalue.org>

Bug is archived. No further changes may be made.

Full log

Message #13 received at 76907-done <at> debbugs.gnu.org (full text, mbox):

From: Rob Browning <rlb <at> defaultvalue.org>
To: Mike Gran <spk121 <at> yahoo.com>, 76907-done <at> debbugs.gnu.org
Subject: Re: bug#76907: Potential buffer overflow in getsockopt
Date: Tue, 18 Mar 2025 14:36:31 -0500

Mike Gran via "Bug reports for GUILE, GNU's Ubiquitous Extension
Language" <bug-guile <at> gnu.org> writes:

> struct timeval is a potential return value of struct getsockopt, but,
> when HAVE_STRUCT_LINGER is not defined, scm_t_getsockopt_result may
> be too small to hold a struct timeval.

Pushed to main along with a commit to add -Werror=array-bounds when
available which would have caught the issue.

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4

This bug report was last modified 60 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #76907 Potential buffer overflow in getsockopt

GNU bug report logs - #76907
Potential buffer overflow in getsockopt