selsta / hlsdl

C program to download VoD HLS (.m3u8) files
MIT License

BO fix #100

Closed ddittert closed 3 years ago

ddittert commented 3 years ago

This pull request fixes a buffer overflow vulnerability with long output file names. Due to a static buffer an attacker could access and write protected memory. The suggested code fixes this vulnerability by checking the length of the supplied name and using the default filename if the name is longer than the size of the buffer.
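The check described in the comment above, as an added example that is not part of the pull request or of hlsdl's code: a supplied name is copied only if it fits the fixed buffer, and the default name is used otherwise. `choose_output_name`, `NAME_BUF_SIZE` and `DEFAULT_NAME` are hypothetical names and values chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed values: the page gives neither the buffer size nor the default name. */
#define NAME_BUF_SIZE 256
#define DEFAULT_NAME  "default_output.ts"

/* Unsafe pattern of the kind the comment describes (shown for contrast only):
 *     static char name[NAME_BUF_SIZE];
 *     strcpy(name, user_supplied);      // no length check
 */

/*
 * Copy `requested` into dst if it fits, terminator included; otherwise store
 * DEFAULT_NAME. Returns 1 when the requested name was used, 0 when the
 * default was substituted, -1 when dst cannot even hold the default.
 * Treating an empty or NULL name as "use the default" is an assumption.
 */
int choose_output_name(char *dst, size_t dst_size, const char *requested)
{
    if (dst == NULL || dst_size < sizeof(DEFAULT_NAME))
        return -1;

    if (requested != NULL && requested[0] != '\0') {
        size_t len = strlen(requested);
        if (len < dst_size) {            /* strictly less: room for '\0' */
            memcpy(dst, requested, len + 1);
            return 1;
        }
    }
    memcpy(dst, DEFAULT_NAME, sizeof(DEFAULT_NAME));
    return 0;
}

int main(void)
{
    static char name[NAME_BUF_SIZE];
    char too_long[1024];                 /* constructed over-long input */
    memset(too_long, 'A', sizeof(too_long) - 1);
    too_long[sizeof(too_long) - 1] = '\0';

    int used = choose_output_name(name, sizeof(name), "video.ts");
    printf("%d %s\n", used, name);
    used = choose_output_name(name, sizeof(name), too_long);
    printf("%d %s\n", used, name);
    return 0;
}
```

The comparison is `len < dst_size` rather than `<=` so that a name of exactly `NAME_BUF_SIZE` characters, which would leave no room for the terminator, also falls back to the default.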

selsta commented 3 years ago

Thank you.