Uploaded image for project: 'ROOT'
  1. ROOT
  2. ROOT-6239

TClass::EscapeChars seg fault

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • High
    • Resolution: Fixed
    • 5.34/00
    • None
    • Core Libraries
    • None
    • all

    Description

      char *TClass::EscapeChars(const char *text) const allocates a 128-byte static buffer for its output. It checks if the input text isn't larger than 127 chars (good), but after escaping, the output written to the buffer may be larger, leading to memory corruption.

      The interpreter doesn't (always) crash: silent memory corruption. G++-compiled programs usually get very upset (seg fault). Code to reproduce:

      #include "TClass.h"

      #include <iostream>
      using namespace std;

      int main()
      {
      TClass a;
      cout << a.EscapeChars("[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[") << endl;
      return 0;
      }

      Attachments

        Activity

          People

            pcanal Philippe Canal
            dgeerts Daniel Geerts (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: