Ticket #45682

Secfile save buffer overflow with fc_vsnprintf() fallback implementation

Open Date: 2022-09-22 01:20 Last Update: 2022-09-25 07:34

Reporter:
Owner:
Type:
Status:
Closed
Component:
Priority:
5 - Medium
Severity:
5 - Medium
Resolution:
Fixed
File:
2

Details

The fc_vsnprintf() fallback implementation uses an internal buffer of 64k (VSNP_BUF_SIZE). While the secfile to save is being prepared, ioz.c might request it to handle a buffer of size 8096k (PLAIN_FILE_BUF_SIZE).

Noticed while testing WIP patch for #45629 that also adds missing overflow checking to fc_vsnprintf().
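The size mismatch described above, as an added example that is not freeciv's code: a formatter that stages output in a fixed scratch buffer has to bound the write by the smaller of the caller's size and the scratch size, and report truncation. `scratch_format()` and `save_demo()` are hypothetical names, the two sizes are the ones quoted in the ticket (with "k" read as 1024 bytes, an assumption), and C99 `vsnprintf()` stands in for the formatting step.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Sizes quoted in the ticket; reading "k" as 1024 bytes is an assumption. */
#define VSNP_BUF_SIZE       (64 * 1024)
#define PLAIN_FILE_BUF_SIZE (8096 * 1024)

/* Hypothetical scratch-buffer formatter: builds the output in a fixed
 * internal buffer, then copies it to dst. Returns the number of characters
 * stored, or -1 if the output was truncated or formatting failed. */
static int scratch_format(char *dst, size_t n, const char *fmt, ...)
{
  static char scratch[VSNP_BUF_SIZE];
  size_t cap, len;
  int needed;
  va_list ap;

  if (dst == NULL || n == 0) return -1;
  /* n describes dst, not scratch: usable capacity is the smaller one. */
  cap = n < sizeof(scratch) ? n : sizeof(scratch);
  va_start(ap, fmt);
  /* C99 vsnprintf() stands in for the formatting step so the bound holds;
   * an unbounded vsprintf() here would write past the end of scratch. */
  needed = vsnprintf(scratch, cap, fmt, ap);
  va_end(ap);
  if (needed < 0) { dst[0] = '\0'; return -1; }
  len = (size_t)needed < cap ? (size_t)needed : cap - 1;
  memcpy(dst, scratch, len);
  dst[len] = '\0';
  return (size_t)needed < cap ? (int)len : -1;
}

/* Constructed input: payload_len 'x' characters formatted into a
 * PLAIN_FILE_BUF_SIZE destination. Stores the formatter's return value in
 * *status; returns the length that reached dst (-1 on malloc failure). */
static long save_demo(size_t payload_len, int *status)
{
  char *payload = calloc(payload_len + 1, 1);
  char *dst = malloc(PLAIN_FILE_BUF_SIZE);
  long stored = -1;
  if (payload != NULL && dst != NULL) {
    memset(payload, 'x', payload_len);
    *status = scratch_format(dst, PLAIN_FILE_BUF_SIZE, "%s", payload);
    stored = (long)strlen(dst);
  }
  free(payload);
  free(dst);
  return stored;
}
```

A 100000-character payload fits the caller's buffer but not the scratch buffer, so the call stores `VSNP_BUF_SIZE - 1` characters and returns -1 rather than writing past the staging area.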

Ticket History (3/5 Histories)

2022-09-22 01:20 Updated by: cazfi
  • New Ticket "Secfile save buffer overflow with fc_vsnprintf() fallback implementation" created
2022-09-22 01:35 Updated by: cazfi
  • Owner Update from (None) to cazfi
  • Resolution Update from None to Accepted
Comment

Also to S2_6

2022-09-25 07:34 Updated by: cazfi
  • Status Update from Open to Closed
  • Resolution Update from Accepted to Fixed
