Wireshark-bugs: [Wireshark-bugs] [Bug 2846] New: Insecure use of vsprintf() in tools/lemon/lemon

Date: Tue, 2 Sep 2008 12:04:06 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2846

           Summary: Insecure use of vsprintf() in tools/lemon/lemon.c
           Product: Wireshark
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Trivial
          Priority: Low
         Component: Extras
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: andy@xxxxxxxxxxxxxxxxxxx



Andre Guibert de Bruet <andy@xxxxxxxxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2208|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=2208)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2208)
Fix for insecure vsprintf use

Build Information:
TShark 1.0.2

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GLib 2.16.4, with libpcap 0.9.8, with libz 1.2.3, without POSIX
capabilities, without libpcre, without SMI, without ADNS, without Lua, without
GnuTLS, without Gcrypt, with MIT Kerberos.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Darwin 9.4.0 (MacOS 10.5.4), with libpcap version 0.9.8.

Built using gcc 4.0.1 (Apple Inc. build 5465).
--
vsprintf() is called against a static buffer of 10000 bytes in length and
user-modifiable input parameters. The attached patch uses the more secure
vsnprintf() to accomplish the building of the error message.


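The report's point, as an added illustration that is not lemon's or Wireshark's code: a diagnostic built with vsprintf() into a fixed buffer has no bound on the write, so a long caller-supplied argument runs past the end of the buffer; vsnprintf() caps the write at the buffer size and signals truncation through its return value, which the caller should check rather than ignore. The function names, the prefix format and the (deliberately small) buffer size below are assumptions for the example, and the input is constructed.

```c
/* Added example (not lemon's code): build "file:line: message" into a
   fixed-size buffer with vsnprintf() instead of vsprintf(). The helper
   names, the prefix layout and ERRMSG_SIZE are assumptions. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define ERRMSG_SIZE 64   /* small on purpose so truncation is visible */

/* Hypothetical helper. Returns 0 when the whole message fit, 1 when it
   was truncated, -1 on a formatting error. Unlike vsprintf(), the write
   can never exceed buflen bytes, and buf is always NUL-terminated. */
static int format_error(char *buf, size_t buflen,
                        const char *filename, int lineno,
                        const char *fmt, ...)
{
    va_list ap;
    int n, m;

    if (buflen == 0) return -1;

    /* Bounded prefix write. snprintf() returns the length the full string
       would have had, which may be larger than buflen. */
    n = snprintf(buf, buflen, "%s:%d: ", filename, lineno);
    if (n < 0) return -1;
    if ((size_t)n >= buflen) {
        buf[buflen - 1] = '\0';
        return 1;
    }

    /* Append the caller's message into whatever space remains. */
    va_start(ap, fmt);
    m = vsnprintf(buf + n, buflen - (size_t)n, fmt, ap);
    va_end(ap);
    if (m < 0) return -1;
    return ((size_t)m >= buflen - (size_t)n) ? 1 : 0;
}

/* Static buffer, mirroring the pattern the report describes. The
   caller-controlled text is passed as a %s argument, never as the format
   string, so it cannot inject conversions either. */
static char g_errmsg[ERRMSG_SIZE];

int report_error(const char *filename, int lineno, const char *user_text)
{
    return format_error(g_errmsg, sizeof g_errmsg, filename, lineno,
                        "unexpected token \"%s\"", user_text);
}

const char *last_error(void) { return g_errmsg; }
size_t last_error_len(void) { return strlen(g_errmsg); }

/* Constructed input: a token longer than the whole buffer. With vsprintf()
   this would write past g_errmsg; with vsnprintf() it is cut off and the
   truncation is reported to the caller. */
int report_long_token(void)
{
    char longtok[200];
    memset(longtok, 'A', sizeof longtok - 1);
    longtok[sizeof longtok - 1] = '\0';
    return report_error("grammar.y", 42, longtok);
}

int main(void)
{
    report_error("grammar.y", 42, "foo");
    printf("fit: %s (len %zu)\n", last_error(), last_error_len());

    int trunc = report_long_token();
    printf("long token: truncated=%d len=%zu of %d\n",
           trunc, last_error_len(), ERRMSG_SIZE);
    return 0;
}
```

The return value matters: a caller that prints g_errmsg after a return of 1 gets a clipped but well-formed message, whereas the vsprintf() version would already have corrupted whatever follows the buffer in memory before any message is printed.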