tags 264453 - security
tags 264453 + fixed-upstream
thanks

Florian Weimer wrote:
> * Damyan Ivanov:
> 
>>If you have no objections, I intend to close the bug report. Or should it be
>>tagged "wontfix" and security tag removed?
> 
> Either way is fine with me.  If the underlying problem -- passing
> around buffer addresses without the corresponding length -- is tracked
> somewhere else (maybe under a "we need to switch to better data
> structures" umbrella), it's probably not necessary to keep the Debian
> bug open.

In fact, in CVS HEAD, the function in question (gds__interprete) is now
deprecated and replaced by safe_interpret, which receives the buffer size as
an input parameter (below). The old function may still be called somewhere,
but as discussed, this is no security threat.

I am tagging it fixed-upstream. The bug should go when a version providing
safe_interpret is packaged.


Thanks for your help,
dam

/* CVC: This non-const signature is needed for compatibility. The reason is
....
November, 2004: We agree that fb_interpret is the new, safe interface.
Both gds__interprete and isc_interprete are deprecated. */

SLONG API_ROUTINE gds__interprete(char* s, ISC_STATUS** vector)
{
/**************************************
 *
 *      g d s _ $ i n t e r p r e t e
 *
 **************************************
 *
 * Functional description
 * See safe_interpret for details. Now this is a wrapper for that function.
 * CVC: Since this routine doesn't get the size of the input buffer,
 * it's DEPRECATED and we'll assume the buffer size was 1024 as in Borland
 * examples.
 *
 **************************************/
        return safe_interpret(s, 1024, const_cast<const ISC_STATUS**>(vector), true);
}


/**
safe_interpret

        @brief Translate a status code with arguments to a string.  Return the
        length of the string while updating the vector address.  If the
        message is null (end of messages) or invalid, return 0;

        @param s the output buffer where a human readable version of the error
            is put
        @param bufsize the size of the output buffer
        @param vector the input, the address of const pointer to the status vector
            that was filled by an API call that reported an error. The function
            positions the pointer on the next element of the vector.

**/
static SLONG safe_interpret(char* const s, const int bufsize,
        const ISC_STATUS** const vector, bool legacy)



-- 
Damyan Ivanov                              Creditreform Bulgaria
[EMAIL PROTECTED]              http://www.creditreform.bg/
phone: +359(2)928-2611, 929-3993            fax: +359(2)920-0994
mob. +359(88)856-6067               [EMAIL PROTECTED]/Gaim
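
An added example, not taken from the message above or from Firebird's source: a simplified C model of the two calling conventions discussed, where the length-less wrapper can only assume 1024 bytes while the sized call truncates to whatever size the caller passes. The names demo_safe_interpret, demo_legacy_interprete and demo_status, and the string array standing in for the status vector, are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define LEGACY_BUFSIZE 1024 /* size the deprecated wrapper quoted above assumes */

/* Hypothetical stand-in for a status vector: a NULL-terminated array of
 * message strings. The real ISC_STATUS layout is not modelled here. */
typedef const char *demo_status;

/* Size-aware call: writes at most bufsize-1 bytes plus a NUL, moves *vector
 * to the next entry and returns the length written (0 at end of messages). */
long demo_safe_interpret(char *s, size_t bufsize, const demo_status **vector)
{
    if (!s || bufsize == 0 || !vector || !*vector) return 0;
    s[0] = '\0';
    const char *msg = **vector;
    if (!msg) return 0;                       /* end of messages */
    size_t len = strlen(msg);
    if (len >= bufsize) len = bufsize - 1;    /* truncate instead of overrunning */
    memcpy(s, msg, len);
    s[len] = '\0';
    ++*vector;
    return (long)len;
}

/* Length-less call: the callee can only assume a size, so it is safe only
 * when the caller's buffer really holds LEGACY_BUFSIZE bytes. */
long demo_legacy_interprete(char *s, const demo_status **vector)
{
    return demo_safe_interpret(s, LEGACY_BUFSIZE, vector);
}

/* Constructed input: one 2000-byte message, then the terminator. Returns the
 * length of the first message, or -1 if the next call does not report the end. */
long demo_run(int use_legacy)
{
    static char big[2001];
    memset(big, 'E', 2000);
    big[2000] = '\0';
    demo_status vec[] = { big, NULL };
    const demo_status *p = vec;
    char small[16], legacy[LEGACY_BUFSIZE];
    long n = use_legacy ? demo_legacy_interprete(legacy, &p)
                        : demo_safe_interpret(small, sizeof small, &p);
    return demo_safe_interpret(small, sizeof small, &p) == 0 ? n : -1;
}

int main(void) { printf("%ld %ld\n", demo_run(0), demo_run(1)); return 0; }
```

Passing the 16-byte buffer to demo_legacy_interprete instead would let the callee write up to 1024 bytes into it, which is the case the size parameter exists to rule out.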
