Bug#773305: Buffer overflow

I sent that email a bit too early. I found this using Coverity. -- -- Joshua Rogers -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#773305: Buffer overflow

On 17/12/14 04:08, Joshua Rogers wrote: > I sent that email a bit too early. > I found this using Coverity. Ugh, I'm too tired for this. I just realized it obviously cannot overlow, since %.250s is used. -- -- Joshua Rogers -- To UNSUBSCRIBE, email to debian-bugs-dist-r

Bug#773305: Buffer overflow

Package: dpkg Version: 1.17.22-9 Severity: normal In src/configure.c, in the 'show_diff' function, a buffer overflow in the 'cmdbuf' may occur on a long "PAGER" variable. from show_diff([..]): > char cmdbuf[1024]; > > sprintf(cmdbuf, DIFF " -Nu %.250s %.250s | %.250s", >