Open GoogleCodeExporter opened 9 years ago
As an additional note... the fmt argument needs to be validated. So all uses of tp_printf need to make sure they are getting fmt from a trusted source.
"""
%n can be used to write arbitrary data to potentially carefully-selected
addresses. Programmers are therefore strongly advised to never pass
untrusted strings as the format argument, as an attacker can put format
specifiers in the string to mangle your stack, leading to a possible
security hole. This holds true even if the string was built using a
function like snprintf(), as the resulting string may still contain user-
supplied conversion specifiers for later interpolation by printf().
"""
Original comment by ren...@gmail.com on 25 Sep 2008 at 4:16
Original issue reported on code.google.com by ren...@gmail.com on 25 Sep 2008 at 4:10
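The comment above says that every caller of tp_printf must obtain fmt from a trusted source, and the quoted text warns that a string built with snprintf() still carries user-supplied directives. The following is an added example, not code from this project or from the commenter: a hypothetical `tp_printf_stub` stands in for tp_printf (it simply forwards fmt to vsnprintf), a small format scanner accepts an untrusted greeting template only when it consumes exactly the one %s argument the caller supplies (so no %n and no '*'), a helper shows that a string rebuilt with "%s" still contains the user's %n, and a trusted `%n` call shows the byte-count write an attacker steers once fmt is theirs. The greeting-template scenario, all function names and the sample strings are assumptions made for the example.

```c
/* Added example (not the project's tp_printf): a stand-in wrapper that
 * forwards fmt to vsnprintf, a scanner that validates templates before
 * they may become fmt, and the %n write primitive on a trusted format.
 * Hypothetical names and constructed sample strings throughout. */
#include <stdarg.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for tp_printf: whoever controls fmt controls every conversion. */
static int tp_printf_stub(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* Walk a printf-style format. Returns the number of arguments it would
 * consume (conversions plus '*' width/precision), or -1 for a dangling '%'.
 * Sets *has_n if a %n directive is present and records the conversion
 * characters (and '*') in convs, in order. Positional (%1$d) arguments
 * are not modelled. */
static int scan_format(const char *fmt, bool *has_n, char *convs, size_t convs_len)
{
    int count = 0;
    size_t k = 0;
    *has_n = false;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')                                    /* "%%" is a literal '%' */
            continue;
        while (*p && strchr("-+ #0'", *p))                /* flags */
            p++;
        for (; *p == '*' || (*p >= '0' && *p <= '9'); p++)       /* width */
            if (*p == '*') { count++; if (k + 1 < convs_len) convs[k++] = '*'; }
        if (*p == '.')                                            /* precision */
            for (p++; *p == '*' || (*p >= '0' && *p <= '9'); p++)
                if (*p == '*') { count++; if (k + 1 < convs_len) convs[k++] = '*'; }
        while (*p && strchr("hlLqjzt", *p))               /* length modifiers */
            p++;
        if (!*p) {                                        /* ends inside a directive */
            if (convs_len) convs[k] = '\0';
            return -1;
        }
        if (*p == 'n')
            *has_n = true;
        if (k + 1 < convs_len)
            convs[k++] = *p;
        count++;
    }
    if (convs_len)
        convs[k] = '\0';
    return count;
}

/* A greeting template is trusted only if it consumes exactly the one char*
 * argument greet_* passes: a single %s, no '*', no %n, no dangling '%'. */
static bool template_ok(const char *tmpl)
{
    bool has_n;
    char convs[8];
    int args = scan_format(tmpl, &has_n, convs, sizeof convs);
    return args == 1 && !has_n && strcmp(convs, "s") == 0;
}

/* Vulnerable: the user's string becomes fmt. With user_tmpl == "%n",
 * vsnprintf treats the `name` pointer as int* and stores the byte count
 * through it; with "%s%s" it reads a second, nonexistent argument.
 * Only ever called with a benign template below. */
static int greet_vulnerable(char *out, size_t n, const char *user_tmpl, const char *name)
{
    return tp_printf_stub(out, n, user_tmpl, name);
}

/* Hardened: fmt is either a validated template or a literal; the user's
 * text otherwise travels only as the %s argument, never as fmt. */
static const char *greet_safe(const char *user_tmpl, const char *name)
{
    static char out[64];
    if (template_ok(user_tmpl))
        tp_printf_stub(out, sizeof out, user_tmpl, name);
    else
        tp_printf_stub(out, sizeof out, "Hello, %s", name);   /* safe fallback */
    return out;
}

/* The snprintf pitfall from the quoted text: a string built safely with "%s"
 * still carries the user's directives, so it must never become a later fmt.
 * Returns true if the rebuilt string contains %n. */
static bool rebuilt_string_has_n(const char *user)
{
    char msg[64];
    bool has_n;
    char convs[8];
    snprintf(msg, sizeof msg, "user said: %s", user);   /* user is data here... */
    scan_format(msg, &has_n, convs, sizeof convs);       /* ...but msg as fmt would not be */
    return has_n;
}

/* What %n does on a trusted format: stores the number of bytes produced so
 * far through the int* argument. Returns that count (7 for "abcdefg"). */
static int n_directive_count(void)
{
    char buf[32];
    int written = -1;
    snprintf(buf, sizeof buf, "abc%s%n", "defg", &written);
    return written;
}

int main(void)
{
    char out[64];
    greet_vulnerable(out, sizeof out, "Hi %s!", "alice");   /* benign input only */
    printf("vulnerable path, benign template: %s\n", out);
    printf("safe path, good template: %s\n", greet_safe("Hi %s!", "alice"));
    printf("safe path, %%n template:  %s\n", greet_safe("%n", "alice"));
    printf("rebuilt string carries %%n: %d\n", rebuilt_string_has_n("%n"));
    printf("%%n on a trusted format stored: %d\n", n_directive_count());
    return 0;
}
```

The scanner is deliberately a whitelist: rather than searching for "%n", `template_ok` requires the template's argument consumption to match exactly what the caller will pass, which also catches "%*s", "%s%s" and a trailing "%" that would read past the supplied arguments. Where a caller cannot express its expected argument list this way, the only safe option is the one the comment states: fmt must be a literal or otherwise trusted, and the untrusted text goes in as an argument.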