[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: vasnprintf fix
From: |
Bruno Haible |
Subject: |
Re: vasnprintf fix |
Date: |
Tue, 6 Nov 2007 02:20:44 +0100 |
User-agent: |
KMail/1.5.4 |
Eric Blake wrote:
> I have fixed some memory handling bugs that were in newlib at the time
> cygwin 1.5.24 was released.
They were probably due to the BSD heritage of some parts of newlib?
Another question is how to deal with the bug on MacOS X ? This is a
widely used platform, and there are several packages out there that use
printf with variable precision. (A search for
printf\s\(\"[^\"]*%\.\*[eEfFgGudox]
on Google Codesearch shows 37 hits.) Can someone push the vendor to
making a security fix of this bug? I don't have enough time to write
an exploit.
Bruno