[Zlib-devel] potential overflows by sprintf/vsprintf in gzio.c
Mark Adler
madler at alumni.caltech.edu
Sun Apr 6 13:20:01 EDT 2003
On Sunday, April 6, 2003, at 04:44 AM, Glenn Randers-Pehrson wrote:
> OK. But it's detecting a failure to write the entire string, not an
> overflow.
Which qualifies as an error in my book. In that case, gzprintf()
should return an error (zero) and write nothing.
> How about allocating a guard byte and checking to make sure it is
> still zero after the write?
Good idea. I can actually just use the last byte of the current buffer
as the guard byte, so that's what I'll do.
mark
More information about the Zlib-devel
mailing list