Package: libc6
Version: 2.13-24
Followup-For: Bug #553206
This also happens with plain scanf.
-- System Information:
Debian Release: wheezy/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux
Package: libc6
Version: 2.10.1-2
Severity: normal
sscanf(p, "%d", i) causes a SIGSEGV to be raised if p points to a very long input
string with just decimal characters in it.
That makes %d unusable for scanning untrusted input (in my case a SIP
registrar).
Here is a code example that shows it (use
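An added example, not part of the original report or of glibc: one way to read a decimal integer from untrusted input without passing an unbounded digit string to scanf's %d. The names parse_int_bounded, reject_long_digit_run and MAX_DIGITS are hypothetical, and unlike %d the parser requires the whole string to be the number.

```c
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Assumed cap on digits accepted; 16 digits always fit in a long long. */
#define MAX_DIGITS 16

/* Parse an optionally signed decimal int from s.
 * Returns 0 and stores the value in *out on success, -1 if the input is
 * empty, over-long, has trailing characters, or is out of range for int. */
int parse_int_bounded(const char *s, int *out)
{
    long long acc = 0;
    size_t n = 0;
    int neg = 0;

    if (s == NULL || out == NULL)
        return -1;
    if (*s == '+' || *s == '-')
        neg = (*s++ == '-');
    for (; *s >= '0' && *s <= '9'; s++) {
        if (++n > MAX_DIGITS)
            return -1;              /* stop early on a long digit run */
        acc = acc * 10 + (*s - '0');
    }
    if (n == 0 || *s != '\0')
        return -1;                  /* no digits, or trailing characters */
    if (neg)
        acc = -acc;
    if (acc < INT_MIN || acc > INT_MAX)
        return -1;                  /* report overflow instead of wrapping */
    *out = (int)acc;
    return 0;
}

/* Constructed input: n copies of '7', the kind of string the report describes. */
int reject_long_digit_run(size_t n)
{
    int v = 0, rc;
    char *p = malloc(n + 1);
    if (p == NULL)
        return -2;
    memset(p, '7', n);
    p[n] = '\0';
    rc = parse_int_bounded(p, &v);
    free(p);
    return rc;
}
```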