From: Frank K. <fbk...@co...> - 2005-05-09 16:38:13
John Coffman wrote:
>
> At 07:40 AM Tuesday 5/3/2005, Jindrich Novy wrote:
>
> > While fixing CAN-2004-1287 I found that there's yet another vsprintf
> > that may cause buffer overflow. I haven't properly investigated whether
> > it could be somehow exploited, but maybe snprintf should be used here
> > instead to avoid possible vulnerabilities. I'm sending a one-liner to
> > fix this.
>
> Yes.

Okay, that's a "landslide" :) 'Tis done.

Thanks, John. Thanks, Yuri. Thanks again, Jindrich.

Best,
Frank
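
The kind of replacement suggested in the quoted message, as an added example that is not part of the original thread and not the project's code: a variadic message formatter that calls vsnprintf where vsprintf would otherwise be used, and reports truncation to the caller. The function name `format_msg`, the buffer size and the sample input are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the thread): format a message into a
 * caller-supplied buffer without ever writing past buf[size - 1].
 * Returns 0 if the whole message fit, 1 if it was truncated,
 * -1 on a formatting error or an unusable buffer. */
int format_msg(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int needed;

    if (buf == NULL || size == 0)
        return -1;

    va_start(ap, fmt);
    /* vsprintf(buf, fmt, ap) writes as many bytes as the expanded format
     * needs, whatever the buffer holds; vsnprintf stops at size - 1
     * characters and always NUL-terminates. */
    needed = vsnprintf(buf, size, fmt, ap);
    va_end(ap);

    if (needed < 0) {
        buf[0] = '\0';
        return -1;
    }
    /* The return value is the length the full output would have had,
     * so needed >= size means the stored text was cut short. */
    return (size_t)needed >= size ? 1 : 0;
}

int main(void)
{
    char small[16];
    /* Constructed input, deliberately longer than the buffer. */
    const char *name = "a_very_long_input_file_name.txt";
    int rc = format_msg(small, sizeof small, "error in %s", name);

    printf("rc=%d text=\"%s\"\n", rc, small);
    return 0;
}
```

Checking the return value matters as much as the bounded call: a silently truncated message can hide the part of the input that caused the error.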