[Mono-bugs] [Bug 77288][Min] New - mono_metadata_signature_dup
memory overread
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Tue Jan 17 13:45:15 EST 2006
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by aras at otee.dk.
http://bugzilla.ximian.com/show_bug.cgi?id=77288
--- shadow/77288 2006-01-17 13:45:15.000000000 -0500
+++ shadow/77288.tmp.3008 2006-01-17 13:45:15.000000000 -0500
@@ -0,0 +1,29 @@
+Bug#: 77288
+Product: Mono: Runtime
+Version: 1.1
+OS: All
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Minor
+Component: misc
+AssignedTo: mono-bugs at ximian.com
+ReportedBy: aras at otee.dk
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: mono_metadata_signature_dup memory overread
+
+When using a compiler where MONO_ZERO_LEN_ARRAY is not zero (e.g. msvc),
+mono_metadata_signature_dup can segfault because it tries to copy more
+bytes than are actually present in MonoMethodSignature. This behavior is
+present in 1.1.13.1 release.
+
+The fix is changing
+ sig->param_count
+inside mono_metadata_signature_dup to
+ (sig->param_count-MONO_ZERO_LEN_ARRAY)
+
+Attached a diff file for mono/metadata/metadata.c
More information about the mono-bugs
mailing list