Fedora 14 - Format string attack in allegro-tools package

From: rafaldworaczek@poczta.fm
To: bugtraq@securityfocus.com
Cc:
Subject: Fedora 14 - Format string attack in allegro-tools package
Date:


Format string attack in pack.c file (package allegro-tools) Fedora 14

Problematic code:

static void err(char *s1, char *s2)
{

   ......
   if (s2)
      printf(s2);
   ......
}


.......
f1 = argv[1];
.......

if (!in) {
      err("can't open ", f1);
      return 1;
}







Copyright © 1995-2018 LinuxRocket.net. All rights reserved.