overflow in tests/example_sig_stfl.c #1886

Closed
wangweij opened this issue Aug 9, 2024 · 1 comment · Fixed by #1887

wangweij commented Aug 9, 2024

Describe the bug

	sk_fname = malloc(strlen(method_name) + strlen(".sk"));
	....
	strcpy(sk_fname, method_name);
	strcat(sk_fname, ".sk");

Here, the size of sk_fname is only enough to contain method_name and ".sk" but not the zero at the end of ".sk".

To Reproduce
This is a coding error.

Suggested Fix

-	sk_fname = malloc(strlen(method_name) + strlen(".sk"));
+	sk_fname = malloc(strlen(method_name) + strlen(".sk") + 1);
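
Review bot: On the added `malloc` line, the `+ 1` covers the terminating NUL that `strcpy`/`strcat` write, but the size is still computed separately from the copy, so the two can drift apart again if the suffix ever changes. Consider `sizeof(".sk")` in place of `strlen(".sk") + 1` (it already counts the terminator), or keep the length in a variable and build the name with `snprintf(sk_fname, len, "%s.sk", method_name)` so the write is bounded by the allocated size.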

SWilson4 commented Aug 9, 2024

Thanks for the report! Created #1887 to fix.

SWilson4 moved this from Todo to In Progress in liboqs planning Aug 9, 2024
SWilson4 self-assigned this Aug 9, 2024
github-project-automation bot moved this from In Progress to Done in liboqs planning Aug 12, 2024