[Bug bzip2/29280] New: Replace sprintf with safer snprintf
sean@rogue-research.com
sourceware-bugzilla@sourceware.org
Thu Jun 23 15:42:44 GMT 2022
https://sourceware.org/bugzilla/show_bug.cgi?id=29280
Bug ID: 29280
Summary: Replace sprintf with safer snprintf
Product: bzip2
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: bzip2
Assignee: nobody at sourceware dot org
Reporter: sean@rogue-research.com
CC: bzip2-devel at sourceware dot org
Target Milestone: ---
bzip2 has one call to sprintf in git master.
sprintf is dangerous because it's easy to overrun the buffer. Building on
OpenBSD and macOS produce compiler warnings upon any use of the function.
Would be nice to change this one use to snprintf, which takes the buffer size.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Bzip2-devel
mailing list