[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#72245: [PATCH] Fix integer overflow when reading XPM
|
From: |
Stefan Kangas |
|
Subject: |
bug#72245: [PATCH] Fix integer overflow when reading XPM |
|
Date: |
Mon, 22 Jul 2024 20:04:23 -0700 |
Po Lu <luangruo@yahoo.com> writes:
> Stefan Kangas <stefankangas@gmail.com> writes:
>
>> Severity: minor
>>
>> Since XPM files are untrusted input, I think we'd better handle
>> integer
>> overflow when parsing it, in case the file is malformed.
>>
>> Proposed patch attached.
>
> What are the security implications of accepting whatever scanf produces
> in the event of an overflow?
There is a good summary here:
https://cwe.mitre.org/data/definitions/190.html
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Stefan Kangas, 2024/07/22
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Eli Zaretskii, 2024/07/22
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Po Lu, 2024/07/22
- bug#72245: [PATCH] Fix integer overflow when reading XPM,
Stefan Kangas <=
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Po Lu, 2024/07/22
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Stefan Kangas, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Po Lu, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Stefan Kangas, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Po Lu, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Eli Zaretskii, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Eli Zaretskii, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Andreas Schwab, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Eli Zaretskii, 2024/07/23
- bug#72245: [PATCH] Fix integer overflow when reading XPM, Stefan Kangas, 2024/07/23