Skip to content

Use vasprintf() if available for error messages and otherwise vsnprintf()

vasprintf() is a GNU/BSD extension and would allocate as much memory as required on the heap, similar to g_strdup_printf(). It's ridiculous that such a function is still not provided as part of standard C.

If it's not available, use vsnprintf() to at least avoid stack/heap buffer overflows, which can lead to arbitrary code execution.

Thanks to Noriko Totsuka for reporting.

Fixes JVN#02030803 / JPCERT#92912620 / CVE-2024-40897

Fixes #69


Note: this does not affect end users of liborc, only developers.

Edited by Tim-Philipp Müller

Merge request reports

Loading