[Aptitude-devel] Bug#767533: aptitude Bug #767533: possible buffer overflow when converting
Manuel A. Fernandez Montecelo
manuel.montezelo at gmail.com
Fri Mar 4 17:20:51 UTC 2016
Control: tags -1 + pending
Hi,
2014-10-31 20:03 To Joshua Rogers:
>
>And in general, there's no need to risk this kind of overflows, which can be
>propagated even by copy and paste or if the envolving string is modified to
>e.g. " [ %sbytes/%sbytes ]". Instead of using sprintf, snprintf (with the size
>of the buffer) should be used -- if not a better method to translate those sizes
>into string.
Converted to use snprintf now, so marking as +pending.
Cheers.
--
Manuel A. Fernandez Montecelo <manuel.montezelo at gmail.com>
More information about the Aptitude-devel
mailing list