libqmi-glib,message: fix invalid memory read when parsing random data

  ==632689== Use of uninitialised value of size 8
  ==632689==    at 0x4D5B94B: _itoa_word (_itoa.c:177)
  ==632689==    by 0x4D66CF8: __vfprintf_internal (vfprintf-process-arg.c:164)
  ==632689==    by 0x4D88245: __vasprintf_internal (vasprintf.c:57)
  ==632689==    by 0x4C7661D: g_vasprintf (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7400.2)
  ==632689==    by 0x4C47E3C: g_strdup_vprintf (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7400.2)
  ==632689==    by 0x4C0FFAE: g_error_new_valist (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7400.2)
  ==632689==    by 0x4C1065A: g_set_error (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7400.2)
  ==632689==    by 0x4900781: message_check.isra.0 (qmi-message.c:323)
  ==632689==    by 0x49031EC: qmi_message_new_from_raw (qmi-message.c:1529)
  ==632689==    by 0x111F78: test_message_parse_common (test-message.c:91)
  ==632689==    by 0x112206: test_message_parse_wrong_qmux (test-message.c:116)
  ==632689==    by 0x4C5064D: ??? (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7400.2)
Edited by Aleksander Morgado
