granicus.if.org Git - graphviz/commit

]> granicus.if.org Git - graphviz/commit

author	Tomas Hoger <thoger@redhat.com>
	Wed, 20 May 2015 09:15:32 +0000 (11:15 +0200)
committer	Tomas Hoger <thoger@redhat.com>
	Wed, 20 May 2015 09:15:32 +0000 (11:15 +0200)
commit	495f781f91dca1fb165bbaa6abc0ced1c09535c8
tree	1fa07bd63285a59f7a3400c560a124153ea54549	tree \| snapshot
parent	31158b1b49cc726cad4191cbd9e13935b2643028	commit \| diff

Fix agerr() format string issue in chkNum()

Commit 99eda42 fixed agerr() format string issue in yyerror(), but the
same fix is also needed for chkNum().  In chkNum(), format string can be
injected at least via malicious file name:

  $ cat fs4-%n%s%s%s%s%s%s.dot
  graph G { a [ weight = 0g ] }

  $ dot fs4-%n%s%s%s%s%s%s.dot
  Warning: *** %n in writable segment detected ***
  Aborted

lib/cgraph/scan.l

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom