Date: Mon, 27 Oct 2014 11:59:56 -0700 From: Michal Zalewski <lcamtuf@...edump.cx> To: oss-security <oss-security@...ts.openwall.com> Subject: Re: Re: strings / libbfd crasher Well, there's also a trivial stack buffer overflow in srec.c near line 254: char buf; ... sprintf (buf, "\\%03o", (unsigned int) c); But with this test case, c will be -44, or "\1777777777777777777724", which sounds a lot longer than 9 characters. http://lcamtuf.coredump.cx/strings-stack-overflow /mz
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ