Project

General

Profile

Bug #6158

libbe needs snprintf() overflow checking

Added by Robert Mustacchi about 5 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
lib - userland libraries
Start date:
2015-08-23
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

libbe uses snprintf to assemble many different strings that it uses for various purposes, such as eventually executing things ala installboot and installgrub. Right now these snprintf routines are being cast to void, even though they're using a static character buffer. This means that they could end up generating an incorrect string due to input buffer overflow. Due to snprintf, this won't result in the case where internal memory is clobbered; however, it could easily lead to a confusing error being generated.

Also available in: Atom PDF