Hide Forgot
_xiodump() in xio-ascii.c has questionable length check and needs to compare against (codlen - 1) / 3, not 2 * codlen + 1. It also should cap the input length at that value. (3 characters per byte in case of interleaving spaces.) codlen must be at least 1 (assert?). xiodump() can write beyond the end of the buffer, but its callers compensate for that by not including the NUL byte in the passed size.
Has been fixed in upstream release 1.7.2.4
This bug is addressed by ERRATA RHBA-2017:2049-03 socat bug fix update https://errata.devel.redhat.com/advisory/26967