(In reply to comment #0)
> I didn't check thoroughly that it is really exploitable, but just for the sake
> of safety this should either use asprintf() or snprintf().
Or rather, the program should just bail out if it detects an overly long
dictionary entry.
(In reply to comment #0)
> I didn't check thoroughly that it is really exploitable, but just for the sake
> of safety this should either use asprintf() or snprintf().
Or rather, the program should just bail out if it detects an overly long
dictionary entry.