From: Arlindo da S. <da...@al...> - 2009-10-26 15:33:52
Brian, Jennifer et al,

As we all know, GrADS makes extensive use of the sprintf() function, which is known to have the so-called buffer overflow vulnerability as explained in this document:

http://developer.apple.com/mac/library/documentation/Security/Conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/doc/uid/TP40002577

A good precaution would be to replace all occurrences of sprintf() with snprintf(), making sure the resulting string is NULL terminated. Since many occurrences of sprintf() are associated with gaprnt(), it might be convenient to use the stdarg.h feature in the C standard library

http://en.wikipedia.org/wiki/Stdarg.h

and have a new function

gaprntf(int level, const char *format, ...)

which has the combined effect of sprintf() + gaprnt().

What do you think? I need to address this vulnerability before being able to deploy grads server side. I am willing to help implement this change in the main grads codebase.

Thanks,

Arlindo

--
Arlindo da Silva
da...@al...
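A sketch of the wrapper proposed in the message above, added here as an example; it is not GrADS code and not part of the original post. The gaprnt() below is a stand-in that only records the message, and the buffer size, the return convention and the gaprntf_last() helper are assumptions made for the illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define GAPRNTF_BUFSZ 32  /* assumed size, kept small so truncation is easy to see */

static char last_msg[GAPRNTF_BUFSZ];  /* what the stand-in gaprnt() last received */

/* Stand-in for GrADS's gaprnt(); the real function is not reproduced here. */
static void gaprnt(int level, const char *msg) {
    (void)level;
    snprintf(last_msg, sizeof last_msg, "%s", msg);
}

#if defined(__GNUC__)
/* Lets the compiler check the format string against the arguments. */
int gaprntf(int level, const char *format, ...)
    __attribute__((format(printf, 2, 3)));
#endif

/* Formats into a fixed buffer with vsnprintf(), which never writes past
 * sizeof buf and always NUL-terminates, then hands the result to gaprnt().
 * Returns 0 if the message fit, 1 if it was truncated, -1 on a format error. */
int gaprntf(int level, const char *format, ...) {
    char buf[GAPRNTF_BUFSZ];
    va_list ap;
    int n;

    va_start(ap, format);
    n = vsnprintf(buf, sizeof buf, format, ap);
    va_end(ap);

    if (n < 0) return -1;              /* nothing usable was produced */
    gaprnt(level, buf);
    return (size_t)n >= sizeof buf ? 1 : 0;
}

/* Hypothetical helper so a caller can inspect what was passed on. */
const char *gaprntf_last(void) { return last_msg; }

int main(void) {
    /* Constructed input: 40 characters, longer than the 32-byte buffer. */
    int t = gaprntf(0, "%s", "0123456789012345678901234567890123456789");
    printf("truncated=%d msg=\"%s\"\n", t, gaprntf_last());
    return 0;
}
```

The return value of vsnprintf() is the length the full message would have had, which is what makes truncation detectable instead of silent.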