[Bug 271020] Re: jhead static string for -cmd too small
John Dong
john.dong at gmail.com
Tue Sep 23 16:41:55 BST 2008
I'd also like to point out that from a simple glance at jhead.c there
are plenty of other security issues present, including unsafe temp file
creation, other routines calling DoCommand, more unchecked buffers,
shell escapes, unsafe buffer sized strcat's in ModifyDescriptComment,
and so on. This whole codebase needs a review/rewrite.
--
jhead static string for -cmd too small
https://bugs.launchpad.net/bugs/271020
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list