* [edk2-devel] - BasePrintLib buffer overflow (PrintLibInternal.c#L1162)
@ 2024-06-17 2:18 Nmnm via groups.io
0 siblings, 0 replies; only message in thread
From: Nmnm via groups.io @ 2024-06-17 2:18 UTC (permalink / raw)
To: devel
[-- Attachment #1: Type: text/plain, Size: 851 bytes --]
Hello, i am unsure on how to post a bug-report, forgive me if i am not in the right place.
In PrintLibInternal.c at line 1162 there is the possibility of a buffer overflow, if you specify the string precision it will anyway try to count until the null terminator, if the string is not null terminated it can overflow
From my understanding there is no way to avoid this automatic string length counting using any formatting
I was forced to edit the source for myself
Thank you
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119719): https://edk2.groups.io/g/devel/message/119719
Mute This Topic: https://groups.io/mt/106892893/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
[-- Attachment #2: Type: text/html, Size: 1287 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-06-26 16:35 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-06-17 2:18 [edk2-devel] - BasePrintLib buffer overflow (PrintLibInternal.c#L1162) Nmnm via groups.io
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox