tags 690924 + patch
thanks
Attached is a patch based on the excellent job by Attila Bogar.
I just increased buffer size so that a full file name could be printed.
Description: [CVE-2012-4527] Stack-based buffer overflow with long file names
.
A buffer overflow in mcrypt version 2.6.8 and earlier due
On Thursday 01 November 2012 14:04:55 Jean-Michel Vourgère wrote:
> snprintf does add a \0 at tmperr[WIDTH]
Doh! I mean tmperr[WIDTH-1] of course!
Second patch listed at redhat is ok.
But I would either replace
#define WIDTH 80
by
#define WIDTH (sizeof(tmperr))
or
#define WIDTH 80
char tmperr[128];
by
#define WIDTH 128
char tmperr[WIDTH];
snprintf does add a \0 at tmperr[WIDTH]
WIDTH is a poor choice as a macro name IMHO.
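
The behaviour discussed in this thread, as an added example that is not part of any message or of the mcrypt source: with a size argument of WIDTH, snprintf places the terminating \0 at tmperr[WIDTH-1], and a bound of 80 on a 128-byte buffer is safe but cuts a long file name short. The helper names, the message text and the 299-character file name are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not mcrypt code): format a status line about fname
 * into dst, bounded by dstsz. Returns 1 if truncated, 0 if it fit, -1 on error. */
static int format_status(char *dst, size_t dstsz, const char *fname)
{
    int n;
    if (dstsz == 0)
        return -1;
    n = snprintf(dst, dstsz, "File %s was processed.\n", fname);
    if (n < 0) {
        dst[0] = '\0';
        return -1;
    }
    return (size_t)n >= dstsz;   /* snprintf returns the untruncated length */
}

/* Format a constructed 299-character name into a 128-byte tmperr using
 * `bound` (must be <= 128) as the size argument; return the index of the
 * terminating NUL. *tail_intact is 1 if no byte at or past `bound` changed. */
static size_t nul_index(size_t bound, int *tail_intact)
{
    char tmperr[128];
    char longname[300];
    size_t i;

    memset(tmperr, 'X', sizeof(tmperr));           /* poison the buffer */
    memset(longname, 'A', sizeof(longname) - 1);   /* constructed input */
    longname[sizeof(longname) - 1] = '\0';

    format_status(tmperr, bound, longname);
    *tail_intact = 1;
    for (i = bound; i < sizeof(tmperr); i++)
        if (tmperr[i] != 'X')
            *tail_intact = 0;
    return strlen(tmperr);
}

int main(void)
{
    int intact;
    size_t at = nul_index(80, &intact);            /* WIDTH 80, buffer 128 */
    printf("bound 80:  NUL at %zu, tail intact %d\n", at, intact);
    at = nul_index(sizeof(char[128]), &intact);    /* bound = sizeof(tmperr) */
    printf("bound 128: NUL at %zu, tail intact %d\n", at, intact);
    return 0;
}
```

Tying the bound to sizeof(tmperr) keeps the two from drifting apart when the buffer is resized later.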