Chris,

Thanks for the patch. I just want to let you know that this is one of those likely-to-be-short-lived patches. After the stable release, one of my first orders of business will be to write proper I/O management code similar to what we have for Pcbnew. It will use code in richio.h/.cpp for parsing and formatting which takes care of the memory allocation issues.
Wayne

On 6/25/2015 12:37 AM, Chris Pavlina wrote:
> Eeschema is _full_ of sscanf buffer overflow vulnerabilities, in almost
> every ::Load. This patch adds the proper field width specifiers to
> prevent the buffers from being smashed by an invalid or malicious input.
>
> --
> Chris
>
> _______________________________________________
> Mailing list: https://launchpad.net/~kicad-developers
> Post to : [email protected]
> Unsubscribe : https://launchpad.net/~kicad-developers
> More help : https://help.launchpad.net/ListHelp
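Added example, not part of the thread and not code from the KiCad patch: a bounded `sscanf` parse of the kind the quoted message describes, which also detects a token that the field width cut short. The `F <name> <x> <y>` line format, `struct field`, `NAME_LEN` and `parse_field` are hypothetical names chosen for illustration.

```c
#include <ctype.h>
#include <stdio.h>

#define NAME_LEN 16 /* destination size, including the terminating NUL */

/* Hypothetical record for this example; not an Eeschema structure. */
struct field {
    char name[NAME_LEN];
    int x, y;
};

/*
 * Parse a constructed "F <name> <x> <y>" line.
 * Returns 0 on success, -1 if malformed, -2 if the name does not fit.
 */
int parse_field(const char *line, struct field *out)
{
    int used = 0;

    /* Unbounded form, for contrast only: "F %s %d %d" lets a long
     * token run past the end of out->name. */

    /* Width is NAME_LEN - 1: %s stores at most 15 bytes plus the NUL. */
    if (sscanf(line, "F %15s%n", out->name, &used) != 1)
        return -1;

    /* A width splits an over-long token rather than rejecting it, so
     * check that the token really ended where scanning stopped. */
    if (line[used] != '\0' && !isspace((unsigned char)line[used]))
        return -2;

    if (sscanf(line + used, "%d %d", &out->x, &out->y) != 2)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed inputs: one valid line, one with an over-long name. */
    const char *lines[] = { "F R1 100 200",
                            "F AAAAAAAAAAAAAAAAAAAAAAAA 1 2" };
    struct field f;

    for (int i = 0; i < 2; i++)
        printf("%d\n", parse_field(lines[i], &f));
    return 0;
}
```

Without the `%n` check, the remainder of an over-long name would be handed to the following `%d` conversions and the line would fail or misparse with no indication that truncation was the cause.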

