Author Message

<  Everything Coding  ~  [BUG] Memory corrupt

PostPosted: Tue Sep 03, 2013 12:37 pm Reply with quote
Posts: 1Joined: Tue Sep 03, 2013 12:15 pm
Hi folks!

I found unpleasant bug.

You have:
Code:
 char DefaultProductList[4];

but you copy five (5) bytes (see code example usb_modeswitch.c:511):

Code:
 sprintf(DefaultProductList,"%04x",DefaultProduct);


I have get this bug when I builded this program for ARM (dynamic).
I tried switch modem from shell:
Code:
  usb_modeswitch -v 12d1 -p 1446 -M "55534243123456780000000000000011062000000100000000000000000000"


I fix code:
Code:
 517   printf("Len_1: %i\n",strlen(MessageContent));
 518   sprintf(DefaultProductList,"%04x",DefaultProduct);
 519   printf("Len_2: %i\n",strlen(MessageContent));


And saw:
Quote:
Len_1: 62
Len_2: 0


I think that sprintf is bad function, please use snprintf.
If you want I can make patch for this bug.

Sorry for my english.


Offline Profile
PostPosted: Tue Sep 03, 2013 6:48 pm Reply with quote
Site AdminPosts: 6360Joined: Sat Nov 03, 2007 12:30 am
Thanks, you are right of course. I'll make a bugfix release.

Funny that my tests on all desktop PCs did not show any error ...


Offline Profile

Display posts from previous:  Sort by:

All times are UTC + 1 hour [ DST ]
Page 1 of 1
2 posts
Users browsing this forum: No registered users and 1 guest
Search for:
Post new topic  Reply to topic
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum