Bug #447

Buffer overflow in sscanf

Added by Andreas Huggel almost 12 years ago. Updated almost 9 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:Andreas Huggel% Done:

0%

Category:miscellaneous
Target version:0.9

Description

sscanf expects a 0 terminated C-string to read from. In exiv2 the function is in some places called with a data buffer (not 0 terminated) instead. This causes a buffer overflow and may crash the application.

History

Also available in: Atom PDF

Redmine Appliance - Powered by TurnKey Linux