[erlang-patches] [PATCH] ei: integer overflow in string/atom encoding

Raimo Niskanen <>
Tue Jun 7 18:32:04 CEST 2011


On Mon, Jun 06, 2011 at 10:55:19AM -0400, Michael Santos wrote:
> ei_encode_atom() and ei_encode_string() use strlen() to get the length
> of the buffer. As strlen() returns an unsigned long long and both ei
> functions take a signed integer, the length fields may overflow.
> 
> Check the results of strlen can be held in a signed integer.

Thank you. I have included your patch into 'pu'.

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB


More information about the erlang-patches mailing list