Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 12093] New: Insecure use of sprintf functions

Wireshark-bugs: [Wireshark-bugs] [Bug 12093] New: Insecure use of sprintf functions

Date: Sun, 07 Feb 2016 03:32:57 +0000

Bug ID	12093
Summary	Insecure use of sprintf functions
Product	Wireshark
Version	2.0.1
Hardware	All
OS	All
Status	UNCONFIRMED
Severity	Normal
Priority	Low
Component	Qt UI
Assignee	[email protected]
Reporter	[email protected]

Build Information:
N/A
--
Static code analysis of wireshark 2.0.1 reveals several buffer overflow bugs in
the QT user interface's capture_file_dialog.cpp source.

wireshark-2.0.1/ui/qt/capture_file_dialog.cpp:835: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.

        preview_first_.setText(QString().sprintf(

wireshark-2.0.1/ui/qt/capture_file_dialog.cpp:853: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.

        preview_elapsed_.setText(QString().sprintf("%02u days %02u:%02u:%02u",

wireshark-2.0.1/ui/qt/capture_file_dialog.cpp:856: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 12093] Insecure use of sprintf functions
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 12092] New: Buildbot crash output: fuzz-2016-02-06-17143.pcap
Next by Date: [Wireshark-bugs] [Bug 12093] Insecure use of sprintf functions
Previous by thread: [Wireshark-bugs] [Bug 12092] Buildbot crash output: fuzz-2016-02-06-17143.pcap
Next by thread: [Wireshark-bugs] [Bug 12093] Insecure use of sprintf functions
Index(es):
- Date
- Thread