
Use vasprintf() if available for error messages and otherwise vsnprintf()

vasprintf() is a GNU/BSD extension and would allocate as much memory as required on the heap, similar to g_strdup_printf(). It's ridiculous that such a function is still not provided as part of standard C.

If it's not available, use vsnprintf() to at least avoid stack/heap buffer overflows, which can lead to arbitrary code execution.

Thanks to Noriko Totsuka for reporting.

Fixes JVN#02030803 / JPCERT#92912620 / CVE-2024-40897

Fixes #69
Note: this does not affect end users of liborc, only developers.

Edited by Tim-Philipp Müller
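The pattern the merge request describes, as an added example that is not liborc's own code: an error-message formatter that uses vasprintf() where the C library provides it and otherwise falls back to vsnprintf(), which bounds every write to the buffer size so an over-long message is truncated rather than overflowing. All function and macro names here (example_format_alloc, example_error_message_fixed, EXAMPLE_HAVE_VASPRINTF, the "unknown opcode" format string) are assumptions chosen for illustration, and the platform check that sets EXAMPLE_HAVE_VASPRINTF stands in for whatever the project's build system would detect.

```c
/* Added example (not liborc code): allocate-or-truncate error formatting.
 * Feature macros must precede the first system header so that glibc
 * declares vasprintf(). */
#define _GNU_SOURCE
#define __STDC_WANT_LIB_EXT2__ 1
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: a build-system check would normally set this. */
#if defined(__GLIBC__) || defined(__APPLE__) || defined(__FreeBSD__) || \
    defined(__OpenBSD__) || defined(__NetBSD__)
#define EXAMPLE_HAVE_VASPRINTF 1
#else
#define EXAMPLE_HAVE_VASPRINTF 0
#endif

/* Fallback path: format into a caller-provided fixed buffer.  vsnprintf()
 * never writes more than `size` bytes including the NUL, so a long message
 * is cut off instead of running past the end of `buf`.
 * Returns 1 if the message was truncated, 0 if it fit, -1 on error. */
int example_format_into_buffer(char *buf, size_t size, const char *fmt, va_list ap)
{
    int n = vsnprintf(buf, size, fmt, ap);
    if (n < 0) {
        if (size) buf[0] = '\0';
        return -1;
    }
    return (size_t)n >= size;   /* n is the length that *would* have been written */
}

/* Preferred path: let the C library size and allocate the buffer.
 * The caller owns the returned string and must free() it. */
char *example_format_alloc(const char *fmt, va_list ap)
{
#if EXAMPLE_HAVE_VASPRINTF
    char *out = NULL;
    if (vasprintf(&out, fmt, ap) < 0)
        return NULL;
    return out;
#else
    /* No vasprintf(): measure with vsnprintf(NULL, 0, ...), then print. */
    va_list ap2;
    va_copy(ap2, ap);
    int n = vsnprintf(NULL, 0, fmt, ap2);
    va_end(ap2);
    if (n < 0)
        return NULL;
    char *out = malloc((size_t)n + 1);
    if (out == NULL)
        return NULL;
    vsnprintf(out, (size_t)n + 1, fmt, ap);
    return out;
#endif
}

/* Typical error-reporting entry point built on the allocating path. */
char *example_error_message(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    char *msg = example_format_alloc(fmt, ap);
    va_end(ap);
    return msg;
}

/* Same entry point for callers that must stay on a fixed buffer. */
int example_error_message_fixed(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int truncated = example_format_into_buffer(buf, size, fmt, ap);
    va_end(ap);
    return truncated;
}

/* Length of the allocated message, or -1 on failure (used for checks). */
long example_message_length(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    char *msg = example_format_alloc(fmt, ap);
    va_end(ap);
    if (msg == NULL)
        return -1;
    long len = (long)strlen(msg);
    free(msg);
    return len;
}

/* Pushes `arg` through a 64-byte stack buffer.  Returns the truncation flag,
 * or -1 if the result is not NUL-terminated inside the buffer (which
 * vsnprintf() guarantees it is). */
int example_fixed_demo(const char *arg)
{
    char small[64];
    int t = example_error_message_fixed(small, sizeof small, "unknown opcode: %s", arg);
    if (t < 0 || strlen(small) >= sizeof small)
        return -1;
    return t;
}

int main(void)
{
    char big[600];                    /* constructed over-long argument */
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("allocated: %ld bytes\n", example_message_length("unknown opcode: %s", big));
    printf("fixed 64-byte buffer: truncated=%d\n", example_fixed_demo(big));
    return 0;
}
```

The fixed-buffer path is the "at least avoid buffer overflows" half of the fix: the message may be cut short, but no write ever passes the end of the buffer. The allocating path is what vasprintf() gives for free, and the two-pass vsnprintf() branch shows how to get the same result on a libc without it.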

Merge request reports

Merge request pipeline #1227997 passed for abd75edf

Merged by GStreamer Marge Bot 7 months ago (Jul 19, 2024 10:44am UTC)

Pipeline #1228000 passed for abd75edf on main
