https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12093
Bug ID: 12093
Summary: Insecure use of sprintf functions
Product: Wireshark
Version: 2.0.1
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: Normal
Priority: Low
Component: Qt UI
Assignee: bugzilla-ad...@wireshark.org
Reporter: wireshark_hammerh...@grr.la
Build Information:
N/A
--
Static code analysis of wireshark 2.0.1 reveals several buffer overflow bugs in
the QT user interface's capture_file_dialog.cpp source.
wireshark-2.0.1/ui/qt/capture_file_dialog.cpp:835: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
preview_first_.setText(QString().sprintf(
wireshark-2.0.1/ui/qt/capture_file_dialog.cpp:853: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
preview_elapsed_.setText(QString().sprintf("%02u days %02u:%02u:%02u",
wireshark-2.0.1/ui/qt/capture_file_dialog.cpp:856: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
--
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
