Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
buffer overrun in zlib 1.1.4
Feb 22 2003 12:05AM
Richard Kettlewell (rjk greenend org uk)
zlib contains a function called gzprintf(). This is similar in
behaviour to fprintf() except that by default, this function will
smash the stack if called with arguments that expand to more than
Z_PRINTF_BUFSIZE (=4096 by default) bytes.
There is an internal #define (HAS_vsnprintf) that causes it ...
[ more ]
Copyright 2010, SecurityFocus