Hi. I recently adopted the magpie package (It reads in Packages files and produces HTML output)
It was un/undermaintained a long time and has no separate upstream. While looking in the code to fix some outstanding bugs I found several code pieces like char path[256]; sprintf( path, "some string/%s", packagename); There are no further checks as I can see. I'm not very experienced in C programming and don't know much about the details of exploiting buffer overflows or the like... Is such code (away from the fact that it can easily lead to segfaults) a security problem? Thanks, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/
