On 04.08.22 14:47, Xenia Ragiadakou wrote:
The function snprintf() returns the number of characters that would have been written in the buffer if the buffer size had been sufficiently large, not counting the terminating null character. Hence, the value returned is not guaranteed to be smaller than the buffer size. Check the return value of snprintf to prevent leaking stack contents to the guest by accident.Also, for debug builds, add an assertion to ensure that the assumption made on the size of the destination buffer still holds. Signed-off-by: Xenia Ragiadakou <[email protected]>
Reviewed-by: Juergen Gross <[email protected]> Juergen
OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
