This patch is against current svn and contains three classes of fix: - Ensure the result is properly terminated after calls to strncpy() - Replace calls of sprintf() with snprintf() - Added a PROTECT() call in do_while which could cause memory errors if evaluating the condition results in a warning. Thanks, Karl
Patch for R to fix some buffer overruns and add a missing PROTECT().
3 messages · Karl Millar, Duncan Murdoch
On 23/09/2014 3:20 PM, Karl Millar wrote:
This patch is against current svn and contains three classes of fix:
- Ensure the result is properly terminated after calls to strncpy()
- Replace calls of sprintf() with snprintf()
- Added a PROTECT() call in do_while which could cause memory
errors if evaluating the condition results in a warning.
Nothing was attached. Generally fixes like this are best sent to bugs.r-project.org, and they receive highest priority if accompanied by code demonstrating why they are needed, i.e. crashes or incorrect results in current R. Those will likely be incorporated as regression tests. Duncan Murdoch
Bug submitted. Thanks. On Tue, Sep 23, 2014 at 12:42 PM, Duncan Murdoch
<murdoch.duncan at gmail.com> wrote:
On 23/09/2014 3:20 PM, Karl Millar wrote:
This patch is against current svn and contains three classes of fix:
- Ensure the result is properly terminated after calls to strncpy()
- Replace calls of sprintf() with snprintf()
- Added a PROTECT() call in do_while which could cause memory
errors if evaluating the condition results in a warning.
Nothing was attached. Generally fixes like this are best sent to bugs.r-project.org, and they receive highest priority if accompanied by code demonstrating why they are needed, i.e. crashes or incorrect results in current R. Those will likely be incorporated as regression tests. Duncan Murdoch