[Issue 14156] buffer overflow in LibELF

via Digitalmars-d-bugs digitalmars-d-bugs at puremagic.com
Wed Feb 11 23:32:49 PST 2015


https://issues.dlang.org/show_bug.cgi?id=14156

--- Comment #5 from Sobirari Muhomori <dfj1esp02 at sneakemail.com> ---
If sprintf is provided through a macro wrapper, it can infer buffer size of the
first argument, as it's known statically.
See if this circumvents protection:
---
char* dest = h->user_id;
len = sprintf(dest, "%u", om->user_id);
---

--


More information about the Digitalmars-d-bugs mailing list