RPSTIR / Tickets / #25 unsafe snprintf() usage

#25 unsafe snprintf() usage

Status: closed

Owner: Richard Hansen

Labels: None

Type: Bug Report

Updated: 2015-11-25

Created: 2015-07-08

Creator: Richard Hansen

Private: No

The return value of snprintf() is frequently ignored and assumed to be non-negative and less than the buffer length. These assumptions might not always be true, which could cause undesirable behavior (possibly exploitable).

Discussion

Richard Hansen - 2015-07-08

Ready for review: http://thread.gmane.org/gmane.network.routing.security.rpstir.devel/210/focus=213

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Richard Hansen - 2015-07-08

status: in-progress --> waiting-for-review
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Richard Hansen - 2015-07-09

status: waiting-for-review --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Richard Hansen - 2015-07-09

merged

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

David Mandelberg - 2015-11-25

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

David Mandelberg - 2015-11-25

Migrated to github.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

unsafe snprintf() usage

Relying Party Security Technology for Internet Routing

Searches

Help

#25 unsafe snprintf() usage

Discussion