Buffer overflow in sscanf
|Assignee:||Andreas Huggel||% Done:|
sscanf expects a 0 terminated C-string to read from. In exiv2 the function is in some places called with a data buffer (not 0 terminated) instead. This causes a buffer overflow and may crash the application.