Update of sr #104303 (project m4):
Priority: 5 - Normal => 7 - High
Severity: 3 - Normal => 6 - Security
Status: None => Confirmed
Assigned to: None => ericb
_______________________________________________________
Follow-up Comment #1:
Confirmed. Depending on whether configure detected ecvt (which POSIX has
declared obsolete), we are either using ecvt to format ourselves (with the
risk of doing it wrong, as you demonstrated), or overflowing a buffer and
allowing execution of arbitrary code by letting sprintf do the formatting.
m4 1.4.5 will have a fix for this issue.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?func=detailitem&item_id=104303>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
_______________________________________________
Bug-m4 mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/bug-m4
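The comment above contrasts two ways of formatting a floating-point value: a hand-rolled path built on ecvt, and a path that hands the job to sprintf with no bound on the output length. The example below is an added illustration of the second failure mode and its standard mitigation, not code from m4 or from this tracker item. It assumes a caller-supplied precision can be large (as a macro argument could be); the function names, the buffer size and the sample inputs are constructed for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example, not m4's code. A fixed-size scratch buffer of the
   kind that sprintf("%.*f", precision, value) would overflow once the
   requested precision produces more characters than the buffer holds. */
#define BUF_SIZE 64

/* Bounded replacement for sprintf: format value with the given precision
   into out (outsz bytes). Returns 1 if the result fit, 0 if it would have
   been truncated (out is then set to the empty string). snprintf returns
   the length the full output would need, which is what we compare. */
int format_double_safe(char *out, size_t outsz, double value, int precision)
{
    int n = snprintf(out, outsz, "%.*f", precision, value);
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz > 0)
            out[0] = '\0';
        return 0;
    }
    return 1;
}

/* Alternative: size the buffer from a dry-run snprintf(NULL, 0, ...) so the
   output length can never exceed the allocation. Caller frees the result. */
char *format_double_alloc(double value, int precision)
{
    int n = snprintf(NULL, 0, "%.*f", precision, value);
    if (n < 0)
        return NULL;
    char *buf = malloc((size_t)n + 1);
    if (buf == NULL)
        return NULL;
    snprintf(buf, (size_t)n + 1, "%.*f", precision, value);
    return buf;
}

/* Helpers that exercise the two functions with the fixed scratch buffer,
   returning plain integers so the behaviour can be checked without
   inspecting buffers. */
int demo_fits(double value, int precision)
{
    char buf[BUF_SIZE];
    return format_double_safe(buf, sizeof buf, value, precision);
}

int demo_alloc_len(double value, int precision)
{
    char *s = format_double_alloc(value, precision);
    if (s == NULL)
        return -1;
    int len = (int)strlen(s);
    free(s);
    return len;
}

int main(void)
{
    /* Constructed inputs: a modest precision fits in 64 bytes, a precision
       of 200 does not ("3." followed by 200 digits is 202 characters). */
    printf("precision 2   fits: %d\n", demo_fits(3.5, 2));
    printf("precision 200 fits: %d\n", demo_fits(3.5, 200));
    printf("heap-formatted length at precision 200: %d\n",
           demo_alloc_len(3.5, 200));
    return 0;
}
```

The check that matters is the comparison of snprintf's return value against the buffer size: with plain sprintf there is no return value worth checking because the overflow has already happened by the time it returns.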