gpgrt: Possible stack overflow in es_printf for "%.100f" et al format specifiers.
Testing, HighPublic
Actions

Assigned To

None

Authored By

	• werner
	Tue, Apr 28, 11:08 AM

Description

From the original report:

A double value (e.g., DBL_MAX) can have up to 309 decimal digits before the decimal point. When formatted with a precision of 100 (%.100f), the resulting string can exceed 409 characters (309 integer digits + 1 decimal point + 100 fractional digits + 1 null terminator). This exceeds the 350-byte stack buffer, leading to a stack overflow. Using long double exacerbates this, potentially writing thousands of bytes out of bounds

Revisions and Commits

rE libgpg-error
	rEf7ded3ce666c Fix possible stack overflow in es_printf for %.100f format.

Event Timeline

• werner created this task.Tue, Apr 28, 11:08 AM

• werner created this object in space Restricted Space.

pl13 added a commit: rEf7ded3ce666c: Fix possible stack overflow in es_printf for %.100f format..Wed, Apr 29, 2:38 PM

• werner changed the task status from Open to Testing.Wed, Apr 29, 2:42 PM

• werner triaged this task as High priority.

• werner shifted this object from the Restricted Space space to the S1 Public space.

gpgrt: Possible stack overflow in es_printf for "%.100f" et al format specifiers.Testing, HighPublicActions

Description

Revisions and Commits

Event Timeline

gpgrt: Possible stack overflow in es_printf for "%.100f" et al format specifiers.
Testing, HighPublic
Actions