#27 buffer overflow in plcont.c:plfloatlabel()

closed-fixed
nobody
None
5
2009-01-27
2005-08-10
No

There is a buffer overflow in plfloatlabel in plcont.c
in version 5.5.3. tmpstring is obviously too small. I
patched locally by doubling its size, but really it
should get changed to use snprintf() and the like.

Discussion

  • Andrew Ross

    Andrew Ross - 2009-01-27

    This immediate bug was fixed back in 2005.

    The wider question of whether we should use snprintf remains.

     
  • Andrew Ross

    Andrew Ross - 2009-01-27
    • status: open --> closed-fixed
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks