[edk2-devel] - BasePrintLib buffer overflow (PrintLibInternal.c#L1162)

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Nmnm via groups.io" <mm0108=protonmail.com@groups.io>
To: devel@edk2.groups.io
Subject: [edk2-devel] - BasePrintLib buffer overflow (PrintLibInternal.c#L1162)
Date: Sun, 16 Jun 2024 19:18:46 -0700	[thread overview]
Message-ID: <VPM9.1718590726017922242.Ovl9@groups.io> (raw)

[-- Attachment #1: Type: text/plain, Size: 851 bytes --]

Hello, i am unsure on how to post a bug-report, forgive me if i am not in the right place.

In PrintLibInternal.c at line 1162 there is the possibility of a buffer overflow, if you specify the string precision it will anyway try to count until the null terminator, if the string is not null terminated it can overflow
From my understanding there is no way to avoid this automatic string length counting using any formatting
I was forced to edit the source for myself

Thank you


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119719): https://edk2.groups.io/g/devel/message/119719
Mute This Topic: https://groups.io/mt/106892893/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



[-- Attachment #2: Type: text/html, Size: 1287 bytes --]

                 reply	other threads:[~2024-06-26 16:35 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=VPM9.1718590726017922242.Ovl9@groups.io \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox