2018-05-26 09:48 CEST

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0005326GNUnetutil librarypublic2018-05-10 11:18
ReporterMarcello Stanisci 
Assigned To 
PrioritylowSeveritytweakReproducibilityalways
StatusnewResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0005326: getopt blindly accept any number given on the command line
DescriptionSay that a option '-n' is registered with GNUNET_GETOPT_option_uint(),
and that it is then passed as '-n -4' from a command line invocation.

The parsing helper (set_uint() function) will feed whatever value
-4 is into memory to sscanf, which will silently parse it as "%u".

This then gives some unexpected value that is not possible to check,
as it *is* unsigned int indeed.
TagsNo tags attached.
Attached Files

-Relationships Relation Graph ] Dependency Graph ]
+Relationships

-Notes
There are no notes attached to this issue.
+Notes

-Issue History
Date Modified Username Field Change
2018-05-10 11:18 Marcello Stanisci New Issue
+Issue History