Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #15363 > unrolled thread
| Started by | Roland Illig <roland.illig@gmx.de> |
|---|---|
| First post | 2019-09-15 20:24 +0200 |
| Last post | 2019-09-15 20:24 +0200 |
| Articles | 1 — 1 participant |
Back to article view | Back to gnu.bash.bug
This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by
below is the oldest one visible, not the original post.
possible buffer overflow by bad translation Roland Illig <roland.illig@gmx.de> - 2019-09-15 20:24 +0200
| From | Roland Illig <roland.illig@gmx.de> |
|---|---|
| Date | 2019-09-15 20:24 +0200 |
| Subject | possible buffer overflow by bad translation |
| Message-ID | <mailman.295.1568571866.2190.bug-bash@gnu.org> |
>From siglist.c:
sys_siglist[i] =
(char *)xmalloc (10 + strlen (_("Unknown Signal #")));
sprintf (sys_siglist[i], _("Unknown Signal #%d"), i);
If the translator doesn't look at the code using these two messages,
they may be translated in a totally different way. Luckily, in the
current German translation, the malloc string is only one character
shorter than the sprintf string, therefore this bug would only cause
undefined behavior for very large signal numbers.
Nevertheless, this must be fixed. The same string must be used for
xmalloc and sprintf. What about the standard pattern of using snprintf
with a null pointer first, to determine the actually needed memory?
Back to top | Article view | gnu.bash.bug
csiph-web