Hi all,
I'm the Fedora package maintainer of xfig,
I've created a patch for xfig-3.2.5b, which fixes this overflow. Note that
after this xfig will still crash on plane.fig, going into a recursive function
call loop inside u_bound.c, till it exceeds its maximum stack size.
This may caused be caus
Subject: xfig: buffer overflow in read .fig file
Package: xfig
Version: 1:3.2.5-rel-3
Severity: grave
Justification: user security hole
Tags: security
xfig and fig2dev in transfig package will buffer overflow when read
.fig file. see poc file including. compile gfortran.
-- PEDAMACHEPHEPTOLIONES
2 matches
Mail list logo
