Linux Today: Linux News On Internet Time.

Validating Untrusted Integer Inputs

Jan 16, 2009, 19:02 (1 Talkback[s])

[ Thanks to An Anonymous Reader for this link. ]

"I am sure that by now, you would have identified some loop holes in this code. Now, a caller of this function can give different input values which might result in following flaws:

"1) The function might get an highest input value which results in a large memory allocation for 'char* str' which the function never expected.
2) The function might result in memory allocation failure as there is possiblity of the system running out of memory.
3) The function might have an overflow issue due to an increment in input value which could have been equal to SIZE_MAX.
These scenarios might serve as a boon for a hacker and he/she can instigate either a denial of service or any other buffer overflow errors."

Complete Story

Related Stories: