cvs commit: src/lib/libc/stdlib strfmon.c
Ruslan Ermilov
ru at FreeBSD.org
Sat Apr 19 07:18:24 UTC 2008
ru 2008-04-19 07:18:22 UTC
FreeBSD src repository
Modified files:
lib/libc/stdlib strfmon.c
Log:
Better strfmon(3) conversion specifiers sanity checking.
There were no checks for left and right precisions at all, and
a check for field width had integer overflow bug.
Reported by: Maksymilian Arciemowicz
Security: http://securityreason.com/achievement_securityalert/53
Submitted by: Maxim Dounin <mdounin at mdounin.ru>
MFC after: 3 days
Revision Changes Path
1.17 +8 -1 src/lib/libc/stdlib/strfmon.c
More information about the cvs-all
mailing list