Diffusion libgpg-error f7ded3ce666c

Fix possible stack overflow in es_printf for %.100f format.
f7ded3ce666c
Actions

Tags

None

Subscribers

None

Description

Fix possible stack overflow in es_printf for %.100f format.

* configure.ac: Add test for snprintf.
* src/gpgrt-int.h: Do not re-map snprintf if KEEP_SYSTEM_SNPRINTF is
  defined.
* src/estream-printf.c (KEEP_SYSTEM_SNPRINTF): Define.
  (pr_float): Increase static buffer size.  Use snprintf for long
  double.
* tests/t-printf.c: Include float.h.
(check_large_float): New.

GnuPG-bug-id: T8240
Reported-by: Dirk Mueller <dmueller@suse.com> (AI)

Details

Provenance

Authored on Wed, Apr 29, 2:00 PM

Parents

rE48fae7f60439: Fix out-of-bounds read in vfnameconcat.

Branches

Unknown

Tags

Unknown

References

Tasks

T8242: gpgrt: Possible stack overflow in es_printf for "%.100f" et al format specifiers.
T8240: Double free in gpgsm's decrypt function.

Event Timeline

• werner committed rEf7ded3ce666c: Fix possible stack overflow in es_printf for %.100f format. (authored by • werner).Wed, Apr 29, 2:00 PM

• werner added a task: T8240: Double free in gpgsm's decrypt function..Wed, Apr 29, 1:57 PM

pl13 added a task: T8242: gpgrt: Possible stack overflow in es_printf for "%.100f" et al format specifiers..Wed, Apr 29, 2:38 PM

Changes (4)

Path

Size

src/

estream-printf.c

tests/

rEf7ded3ce666c

configure.ac

Loading...

src/estream-printf.c

Loading...

src/gpgrt-int.h

Loading...

tests/t-printf.c

Loading...