Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

buffer overflow bug when run ./pn_dev #562

Open
lijunqiang123 opened this issue Jul 21, 2023 · 0 comments
Open

buffer overflow bug when run ./pn_dev #562

lijunqiang123 opened this issue Jul 21, 2023 · 0 comments
Labels
bug Something isn't working

Comments

@lijunqiang123
Copy link

lijunqiang123 commented Jul 21, 2023

Hello, The program has a buffer overflow vulnerability when running the program pn_dev. Specifically, the startup command is: ./pn_dev -s qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq (There are 241 q) .

I have analyzed the code p-net/src/ports/linux/sampleapp_main.c and found that it is because when parsing the input parameter -s, the length of the input parameters is not limited. But output_arguments.station_name is defined as an array of length 241. The following is the corresponding source code.
image
image
Looking forward to your reply, thank you.

@pyhys pyhys added the bug Something isn't working label Feb 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants