Format string bug in ppmtolss16
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
syslinux (Ubuntu) | New | Undecided | Unassigned |
Bug Description
Binary package hint: syslinux
/usr/bin/ppmtolss16 has a format string bug.
Test case:
emanuel@
emanuel@
Integer overflow in format string for prtf at /tmp/%999999999
I took the picture from:
http://
The bug can be found at:
if ( $lost ) {
    printf STDERR
        "$0: Warning: color palette truncated (%d colors ignored)\n", $lost;
}
The fix can be:
printf STDERR "%s: Warning: color palette truncated (%d colors ignored)\n", $0, $lost;
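The following is an added example, not part of the original report or of syslinux: a heuristic audit check that flags Perl `printf`/`sprintf` calls whose double-quoted format string interpolates a variable, the pattern reported above. The function name, regular expressions and `SAMPLE` input are assumptions made for illustration; `SAMPLE` is constructed from the two snippets in the report.

```python
import re

# printf/sprintf, an optional filehandle (STDERR, $fh or {$fh}), then a
# double-quoted format string. Single-quoted Perl strings do not interpolate,
# so they are deliberately not matched.
CALL = re.compile(
    r'\b(?:s?printf)\b\s*\(?\s*'
    r'(?:(?:[A-Z_][A-Z0-9_]*|\$\w+|\{[^}]*\})\s+)?'
    r'"((?:[^"\\]|\\.)*)"',
    re.S,
)

# An unescaped $ or @ followed by a name, digit or brace: $0, $lost, ${x}, @list.
INTERP = re.compile(r'(?<!\\)[$@](?:\w+|\{)')


def find_interpolated_formats(perl_source):
    """Return (line_number, [variables]) for every printf/sprintf call whose
    format string has a variable interpolated into it."""
    findings = []
    for call in CALL.finditer(perl_source):
        names = INTERP.findall(call.group(1))
        if names:
            line = perl_source.count("\n", 0, call.start()) + 1
            findings.append((line, names))
    return findings


# Constructed input: the reported code followed by the proposed fix.
SAMPLE = r'''if ( $lost ) {
    printf STDERR
        "$0: Warning: color palette truncated (%d colors ignored)\n", $lost;
}
printf STDERR "%s: Warning: color palette truncated (%d colors ignored)\n", $0, $lost;
'''

if __name__ == "__main__":
    for line, names in find_interpolated_formats(SAMPLE):
        print(f"line {line}: format string interpolates {', '.join(names)}")
```

This is a regex heuristic rather than a Perl parser, so it misses formats built with concatenation or stored in a variable before the call.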