Package: scalpel Version: 1.60-1 Severity: important Although the buffer used to hold a line is larger than in the original foremost code, it still does not check that the buffer really holds a complete line, and strtok will happily corrupt data outside of the buffer when a line is large enough. Checking the output of fgets ought to be sufficient to catch the problem and tell the user to increase MAX_STRING_LENGTH.
See #833639 for the foremost bug. Also note that 2.0 is no better in this respect. Also note that processSearchSpecLine hardcodes a 6 in the tokenarray malloc call, instead of using NUM_SEARCH_SPEC_ELEMENTS. _______________________________________________ forensics-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
