Bug#868356: dpkg: integer overflow in deb_version_parse()

2017-08-26 Thread Jakub Wilk
This test:

    if (asprintf(&vs, "%ld.0", (long int)(1L + INT_MAX)) < 0)

triggers integer overflow on 32-bit architectures, where int and long have the same width.

You probably wanted:

    if (asprintf(&vs, "%u.0\n", 1U + (unsigned int)INT_MAX))

-- 
Jakub Wilk

Bug#868356: dpkg: integer overflow in deb_version_parse()

2017-07-15 Thread Sven Joachim
On 2017-07-14 22:24 +0200, Jakub Wilk wrote:

> Source: dpkg
> Version: 1.18.24
> Severity: minor
>
> The attached crafted package triggers signed integer overflow in
> deb_version_parse(). This is undefined behavior.

Using unsigned data types avoids the undefined behavior, although not the overfl

Bug#868356: dpkg: integer overflow in deb_version_parse()

2017-07-14 Thread Jakub Wilk
Source: dpkg
Version: 1.18.24
Severity: minor

The attached crafted package triggers signed integer overflow in deb_version_parse(). This is undefined behavior.

-- 
Jakub Wilk

intoverflow.deb
Description: application/vnd.debian.binary-package
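
The following C example is added here and is not code from this thread or from dpkg; all function names are hypothetical. It contrasts unsigned digit accumulation, which wraps without undefined behaviour, with a signed parser that checks the bound before each step, and it builds the INT_MAX + 1 test string using unsigned arithmetic as suggested in the thread.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical helper (not dpkg's code): parse decimal digits into an int.
 * Returns 0 on success, -1 on empty or non-digit input, -2 if the value
 * would exceed INT_MAX. *out is written only on success. */
int parse_int_checked(const char *s, int *out)
{
    int v = 0;

    if (*s == '\0')
        return -1;
    for (; *s != '\0'; s++) {
        if (*s < '0' || *s > '9')
            return -1;
        int d = *s - '0';
        /* Test the bound first, so v * 10 + d is never evaluated
         * when it would overflow (which is undefined for signed int). */
        if (v > (INT_MAX - d) / 10)
            return -2;
        v = v * 10 + d;
    }
    *out = v;
    return 0;
}

/* Unsigned accumulation: well defined, but the result wraps modulo
 * UINT_MAX + 1, so an oversized number is silently accepted. */
unsigned int parse_uint_wrapping(const char *s)
{
    unsigned int v = 0;

    for (; *s >= '0' && *s <= '9'; s++)
        v = v * 10u + (unsigned int)(*s - '0');
    return v;
}

/* Format INT_MAX + 1 without signed overflow, even where long == int. */
int format_int_max_plus_one(char *buf, size_t len)
{
    return snprintf(buf, len, "%u", 1U + (unsigned int)INT_MAX);
}

int main(void)
{
    char buf[32];
    int v = 0;

    format_int_max_plus_one(buf, sizeof buf);   /* constructed test input */
    printf("checked(%s) -> %d\n", buf, parse_int_checked(buf, &v));
    return 0;
}
```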