Description
A sprintf based on a guarded format string miscalculates the size and allows a stack buffer to be overrun.
PLOVER: BUFF.OVER, BUFF.LENCALC
Flaws
Have any comments on this test case? Please, send us an email.
A sprintf based on a guarded format string miscalculates the size and allows a stack buffer to be overrun.
PLOVER: BUFF.OVER, BUFF.LENCALC
Have any comments on this test case? Please, send us an email.