Quoting Suvayu Ali fatkasuvayu+linux@gmail.com:
On Sun, Apr 13, 2014 at 08:38:11AM -0500, Ranjan Maitra wrote:
On Sun, 13 Apr 2014 09:15:04 -0400 Rahul Sundaram metherid@gmail.com wrote:
Hi
On Sun, Apr 13, 2014 at 6:23 AM, Timothy Murphy wrote:
Roger wrote:
It happened. It was known for years.
Everything I have seen says it has been known for about 1 week.
Incidentally, I am no programmer but I would have thought it would be relatively simple to set up a test to see if a "malloc"-ed space could be transgressed.
Not in this case. openssl uses a custom malloc
So, a valgrind -tool=memcheck --leak-check=yes --show-reachable=yes --track-fds=yes --track-origins=yes would not have helped?
AFAIU this is not a memory leak; it is a buffer overflow: lack of bounds checking. I do not think valgrind (or any other tool) can help with that. Feel free to correct me if I am wrong.
Cheers,
-- Suvayu
see here: https://www.xkcd.com/
Dave
Open source is the future. It sets us free.
users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org