Ticket #45682

Secfile save buffer overflow with fc_vsnprintf() fallback implementation

Date opened: 2022-09-22 01:20 Last update: 2022-09-25 07:34

Reporter:
Owner:
Type:
Status: Closed
Component:
MileStone:
Priority: 5 - Medium
Severity: 5 - Medium
Resolution: Fixed
File: 2

Details

The fc_vsnprintf() fallback implementation uses an internal buffer of 64k (VSNP_BUF_SIZE). While a secfile to save is being prepared, ioz.c might request it to handle a buffer of size 8096k (PLAIN_FILE_BUF_SIZE).

Noticed while testing WIP patch for #45629 that also adds missing overflow checking to fc_vsnprintf().
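
Added example, not freeciv's code: the size mismatch described above, with a fallback formatter that bounds its write by its own internal buffer instead of the caller's larger one and reports failure when the output does not fit. `scratch_vformat`, `scratch_format` and `SCRATCH_SIZE` are hypothetical names, the 64-byte size is a constructed stand-in for the 64k buffer, and `vsnprintf()` is used only so the example runs.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
/* Constructed size standing in for the ticket's 64k VSNP_BUF_SIZE. */
#define SCRATCH_SIZE 64

/* Hypothetical fallback formatter, not freeciv's fc_vsnprintf().
 * Formats into a fixed internal buffer, then copies into dst[n].
 * Returns the length on success, -1 if the output was truncated or did
 * not fit the internal buffer. dst is always NUL-terminated. */
static int scratch_vformat(char *dst, size_t n, const char *fmt, va_list ap)
{
  static char scratch[SCRATCH_SIZE];
  int len;
  if (dst == NULL || n == 0) {
    return -1;
  }
  /* Bound the write by the internal buffer, never by the caller's n.
   * Assumption: vsnprintf() stands in for the platform's formatter. */
  len = vsnprintf(scratch, sizeof(scratch), fmt, ap);
  if (len < 0 || (size_t)len >= sizeof(scratch)) {
    dst[0] = '\0'; /* needs more room than the internal buffer has */
    return -1;
  }
  if ((size_t)len >= n) {
    memcpy(dst, scratch, n - 1); /* fits internally, not in dst: truncate */
    dst[n - 1] = '\0';
    return -1;
  }
  memcpy(dst, scratch, (size_t)len + 1);
  return len;
}

static int scratch_format(char *dst, size_t n, const char *fmt, ...)
{
  va_list ap;
  int ret;
  va_start(ap, fmt);
  ret = scratch_vformat(dst, n, fmt, ap);
  va_end(ap);
  return ret;
}

int main(void)
{
  char big[256]; /* caller's buffer is larger than the internal one */
  printf("%d\n", scratch_format(big, sizeof(big), "%0100d", 7));
  return 0;
}
```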

Ticket History (3/5 Histories)

2022-09-22 01:20 Updated by: cazfi
  • New Ticket "Secfile save buffer overflow with fc_vsnprintf() fallback implementation" created
2022-09-22 01:35 Updated by: cazfi
  • Owner Update from (None) to cazfi
  • Resolution Update from None to Accepted
Comment Post

Also to S2_6

2022-09-25 07:34 Updated by: cazfi
  • Status Update from Open to Closed
  • Resolution Update from Accepted to Fixed
