[freeciv] #45682: Secfile save buffer overflow with fc_vsnprintf() fallback implementation (Freeciv-tickets) - Freeciv

#45682: Secfile save buffer overflow with fc_vsnprintf() fallback implementation

  Open Date: 2022-09-21 19:20
Last Update: 2022-09-21 19:35

URL for this Ticket:
    https://osdn.net//projects/freeciv/ticket/45682
RSS feed for this Ticket:
    https://osdn.net/ticket/ticket_rss.php?group_id=12505&tid=45682

---------------------------------------------------------------------

Last Changes/Comment on this Ticket:
2022-09-21 19:35 Updated by: cazfi
 * Owner Update from (None) to cazfi
 * Resolution Update from None to Accepted

Comment:

Also to S2_6

---------------------------------------------------------------------
Ticket Status:

      Reporter: cazfi
         Owner: cazfi
          Type: Bugs
        Status: Open [Owner assigned]
      Priority: 5 - Medium
     MileStone: 3.0.4
     Component: General
      Severity: 5 - Medium
    Resolution: Accepted
---------------------------------------------------------------------

Ticket details:

fc_vsnprintf() fallback implementation uses internal buffer of 64k (VSNP_BUF_SIZE). While secfile to save is being prepared, ioz.c might request it to handle buffer of size 8096k (PLAIN_FILE_BUF_SIZE).
Noticed while testing WIP patch for #45629 that also adds missing overflow checking to fc_vsnprintf().

-- 
Ticket information of Freeciv project
Freeciv Project is hosted on OSDN

Project URL: https://osdn.net/projects/freeciv/
OSDN: https://osdn.net

URL for this Ticket:
    https://osdn.net/projects/freeciv/ticket/45682
RSS feed for this Ticket:
    https://osdn.net/ticket/ticket_rss.php?group_id=12505&tid=45682

Freeciv

[Freeciv-tickets] [freeciv] #45682: Secfile save buffer overflow with fc_vsnprintf() fallback implementation