GNOME Bugzilla – Bug 739846
opencv-example: Use snprintf instead of sprintf
Last modified: 2014-11-17 00:48:55 UTC
Created attachment 290274 [details] [review] Use snprintf instead of sprintf which is vulnerable There are some places using sprintf, which deos not check buffer boundary. I replaced them to using snprintf.
Please squash this with the other snprintf changes. Also, I'd opt for g_snprintf(). In the commit log, add "examples: ..." and drop the vulnerable part, there is not proof this code was vulnerable. Thanks for your time btw. *** This bug has been marked as a duplicate of bug 739844 ***
Re-opening as Time closed the other one.
Created attachment 290294 [details] [review] Use g_snprintf instead of sprintf which doesn't check buffer boundary
Comment on attachment 290294 [details] [review] Use g_snprintf instead of sprintf which doesn't check buffer boundary Yes. I also think g_snprintf is better. Thanks for advice.
Created attachment 290400 [details] [review] opencv-example: Use g_snprintf instead of sprintf
Comment on attachment 290294 [details] [review] Use g_snprintf instead of sprintf which doesn't check buffer boundary Rebased
Thanks, pushed: commit fec8d4e7b21cc6891deae6f12e0e169838239072 Author: Hyunjun Ko <zzoonis@gmail.com> Date: Tue Nov 11 17:08:25 2014 +0900 opencv-example: Use g_snprintf instead of sprintf https://bugzilla.gnome.org/show_bug.cgi?id=739846