Audit of 04af5c7 - Buffer Overflow: strcat
4.2. Buffer Overflow: strcat
4.2.1. File 1.2.43
4.2.1.1. The code in this file executes with elevated permissions.
4.2.1.2. In several locations a path is checked for a trailing backslash (0x5c), and if none is found one is appended. The appending operation never checks if the destination has sufficient allocated memory for one more char.
4.2.1.3. In other places the function is used to append arbitrary string constants to a string on the heap, e.g. ‘strcat (path, "\\TrueCrypt")’.
4.2.1.4. If the application does not crash from the execution of the strcat, the modified memory is then passed into system calls, e.g. ‘_stat (path, &st)’.
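The finding above, sketched as an added example (not code from CipherShed or from the commit referenced on this page): the unchecked trailing-backslash append next to a bounded form that refuses to write when the destination is full. The function names and the assumption that the caller knows the buffer's capacity are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Pattern described in the finding, kept for comparison and never called:
   the append happens without knowing the size of the allocation. */
void add_backslash_unchecked(char *path)
{
    size_t len = strlen(path);
    if (len == 0 || path[len - 1] != '\\')
        strcat(path, "\\");            /* may write past the end of path */
}

/* Bounded append. cap is the full size of dst in bytes (assumed known to the
   caller). Returns 0 on success; -1 if dst is not NUL-terminated within cap
   or src does not fit, in which case dst is left unchanged. */
int append_checked(char *dst, size_t cap, const char *src)
{
    const char *end = memchr(dst, '\0', cap);
    if (end == NULL)
        return -1;
    size_t used = (size_t)(end - dst);
    size_t need = strlen(src);
    if (need >= cap - used)            /* used + need + 1 must be <= cap */
        return -1;
    memcpy(dst + used, src, need + 1); /* copies the terminator as well */
    return 0;
}

/* Adds a trailing backslash (0x5c) only when one is missing and it fits. */
int ensure_trailing_backslash(char *path, size_t cap)
{
    const char *end = memchr(path, '\0', cap);
    if (end == NULL)
        return -1;
    if (end != path && end[-1] == '\\')
        return 0;
    return append_checked(path, cap, "\\");
}

int main(void)
{
    char path[16] = "C:\\Program";     /* constructed sample input */
    int rc = ensure_trailing_backslash(path, sizeof path);
    if (rc == 0)
        rc = append_checked(path, sizeof path, "TrueCrypt");
    printf("rc=%d path=%s\n", rc, path);
    return 0;
}
```

Callers have to act on the -1 return before handing the path to calls such as `_stat`, since a rejected append leaves a shorter path than the one intended.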
#1 Updated by Jason Pyeron over 6 years ago
- Status changed from New to Resolved
[v0.7.3.0-dev 8bb2cc0] resolves https://issues.ciphershed.org/issues/28
1 file changed, 18 insertions(+), 18 deletions(-)
$ git log -1
Author: Jason Pyeron <email@example.com>
Date: Fri Dec 19 09:36:24 2014 -0500
fixed other strcat calls as found