Module Name: src
Committed By: christos
Date: Fri Feb 17 19:57:53 UTC 2012
Modified Files:
src/lib/libc/stdio: vfwprintf.c
Log Message:
Fix: CVE-2012-0864 fprintf() positional argument abuse.
Described in: http://www.phrack.org/issues.html?issue=67&id=9#article
Reported by Stefan Cornelius / Red Hat Security Response Team
- convert internal positional arguments bookkeeping from int to size_t
- provide overflow protection in positional argument spec
- convert loops to memset
- fix memory leaks
- limit positional argument stack offset to the number of arguments required
by the printf to avoid coredump from va_arg() exhaustion.
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/lib/libc/stdio/vfwprintf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
