Project

General

Profile

Bug #447

Buffer overflow in sscanf

Added by Andreas Huggel over 13 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Category:
miscellaneous
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:

Description

sscanf expects a 0 terminated C-string to read from. In exiv2 the function is in some places called with a data buffer (not 0 terminated) instead. This causes a buffer overflow and may crash the application.

History

Also available in: Atom PDF