Can we have a patch? This is exactly the sort of thing that I mess up - Bruno
On 24 September 2018 06:04:49 BST, "Gunter Königsmann" wrote: >My advise is to replace the sprintf by an snprintf before the final >release: snprintf requires an additional parameter that tells it how >many >bytes the buffer it is about to write into is long; using an ordinary >sprintf always means you are risking needing to issue an security >update >because someone manages to craft a file that tricks snprintf into >overwriting the stack or a pointer leading to arbitrary code execution >by >using return-oriented programming or similar. > >And always remember: if snprintf knows that the buffer it writes into >is >only 255 bytes long and the string to write is 255 bytes long plus the >null >byte marking the end of the string snprintf won't add a null byte to >its >end => fill the last byte it the target string with a zero and then >tell >snprintf the target is only 254 bytes long. Or make the target string >longer. -- A list of frequently asked questions is available at: http://wiki.panotools.org/Hugin_FAQ --- You received this message because you are subscribed to the Google Groups "hugin and other free panoramic software" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/hugin-ptx/0BAA8D62-7BA3-4136-9F65-F26E40AAE0C5%40postle.net. For more options, visit https://groups.google.com/d/optout.
