Package: tinyirc Version: 1:1.1.dfsg.1-3 Usertags: goto-cc During an analysis of all packages using our research compiler tool-chain (using tools from the cbmc package) the following error was found:
Function wordwrapout necessarily takes two arguments: http://sources.debian.net/src/tinyirc/1:1.1.dfsg.1-3/tinyirc.c?hl=521#L521 Yet two calls (in lines 586 and 723) only pass the first argument, lacking the essential second "count" argument. (Other calls to pass two arguments.) This will cause a stack underflow, resulting in undefined behaviour - which here likely results in crashes as invalid memory accesses will be the result. Best, Michael
pgpIsRNskeEBz.pgp
Description: PGP signature
