2019-01-23 23:26 CET

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0005326GNUnetutil librarypublic2018-06-24 12:24
ReporterMarcello Stanisci 
Assigned ToFeideus 
Product Version 
Target VersionFixed in Version 
Summary0005326: getopt blindly accept any number given on the command line
DescriptionSay that a option '-n' is registered with GNUNET_GETOPT_option_uint(),
and that it is then passed as '-n -4' from a command line invocation.

The parsing helper (set_uint() function) will feed whatever value
-4 is into memory to sscanf, which will silently parse it as "%u".

This then gives some unexpected value that is not possible to check,
as it *is* unsigned int indeed.
TagsNo tags attached.
Attached Files

-Relationships Relation Graph ] Dependency Graph ]



Feideus (developer)

Added check in the case of a %u negative value.

-Issue History
Date Modified Username Field Change
2018-05-10 11:18 Marcello Stanisci New Issue
2018-06-23 15:13 Feideus Assigned To => Feideus
2018-06-23 15:13 Feideus Status new => assigned
2018-06-24 12:24 Feideus Status assigned => resolved
2018-06-24 12:24 Feideus Resolution open => fixed
2018-06-24 12:24 Feideus Note Added: 0013066
+Issue History