Menu
▾
▴
Re: [Ayttm-users] Possible format string vulnerability
|
From: Philip T. <phi...@gm...> - 2015-08-24 16:58:04
|
Ok, I've looked through the code, and these are my findings: 1. The code should have been inside an #ifdef block, but for some reason it is inside a #ifndef block, which inverts the meaning of the condition. 2. The snprintf and debug_print statements should really just be merged into a single statement with no actual need for debug_buff Unfortunately this code dates back to the very first revision, so it probably inherited from "everybuddy", but I don't have the time to go into the cvs history for EB. I've fixed this and hope someone can test it thoroughly. Philip |