Closed pelijah closed 3 years ago
@thestr4ng3r
Same issue as in #226. While your change fixes the issue for loading files without mmap, it is still technically wrong with how the API of sdb_text_load_buf() is meant to be used (the buffer is allowed to be only of the given size) and will also fail when loading a file which has a size of exactly a multiple of the pagesize with mmap.
Meh... I’m not even the first...
Funny that we both found the bug within one hour after it has existed for 16 days.
Detailed description
Reserve extra byte for terminating null to prevent heap buffer overflow (https://github.com/radareorg/sdb/blob/master/src/text.c#L229) in last call of load_flush_line() (https://github.com/radareorg/sdb/blob/master/src/text.c#L364)
Test plan
...
Closing issues
...
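The review comment above points out that a loader's buffer may be exactly the given size, so the parser cannot store a terminator at `buf[sz]`. The following is an added example, not code from sdb or from this pull request: a length-bounded line parser that never touches memory at or past `buf + sz`. The simplified `key=value` line format and all names (`parse_kv_bounded`, `kv_cb`, `last_kv`) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical callback: slices are passed as pointer+length, never NUL-terminated. */
typedef void (*kv_cb)(const char *k, size_t klen, const char *v, size_t vlen, void *user);

/* Parse "key=value" lines from buf[0..sz). Nothing at or past buf+sz is read or
 * written, so an exact-size heap buffer or a page-aligned mmap is safe. */
size_t parse_kv_bounded(const char *buf, size_t sz, kv_cb cb, void *user) {
    size_t count = 0, pos = 0;
    while (pos < sz) {
        const char *line = buf + pos;
        const char *nl = memchr(line, '\n', sz - pos);
        size_t len = nl ? (size_t)(nl - line) : sz - pos; /* last line may lack '\n' */
        const char *eq = memchr(line, '=', len);
        if (eq && eq != line) {                           /* skip lines without a key */
            size_t klen = (size_t)(eq - line);
            cb(line, klen, eq + 1, len - klen - 1, user);
            count++;
        }
        pos += len + (nl ? 1 : 0);
    }
    return count;
}

struct last_kv { char key[16]; char val[16]; };

/* Copies the slices into caller-owned storage, which is where termination belongs. */
static void record_last(const char *k, size_t klen, const char *v, size_t vlen, void *user) {
    struct last_kv *out = user;
    if (klen >= sizeof out->key || vlen >= sizeof out->val) return; /* too long: skip */
    memcpy(out->key, k, klen); out->key[klen] = '\0';
    memcpy(out->val, v, vlen); out->val[vlen] = '\0';
}

/* Constructed sample: the final record ends on the last byte of the allocation. */
size_t run_constructed_sample(struct last_kv *out) {
    static const char sample[] = "a=1\n\nbb=22";
    size_t sz = sizeof sample - 1;          /* drop the literal's own terminator */
    char *buf = malloc(sz);                 /* exactly sz bytes, no spare byte */
    if (!buf) return 0;
    memcpy(buf, sample, sz);
    size_t n = parse_kv_bounded(buf, sz, record_last, out);
    free(buf);
    return n;
}

int main(void) {
    struct last_kv kv = {{0}, {0}};
    printf("%zu records, last: %s=%s\n", run_constructed_sample(&kv), kv.key, kv.val);
    return 0;
}
```

Building it with `-fsanitize=address` checks that the final unterminated line is handled without a one-byte overrun.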