[Paraview-developers] strcpy and other bad actors

Ben Boeckel ben.boeckel at kitware.com
Mon Apr 10 13:24:46 EDT 2017


On Mon, Apr 10, 2017 at 15:36:01 +0000, Moreland, Kenneth wrote:
> If you are worried about malicious code, I would be even more worried
> about the use of sprintf. Like strcpy there is no check that the
> target buffer is not overrun, and it is much harder to predict how
> large of a buffer you will need to begin with. Plus, there are
> multiple points in the ParaView interface that allow users to pass
> format descriptors to sprintf from the GUI or a script. This could
> definitely be a target for malicious code. We could (and probably
> should) protect these by using snprintf, but in the cases where
> users pass in their own format descriptors they could do all sorts of
> weird stuff like read data off the stack.

Really, I guess we should look hard at any code which includes `cstdlib`
or `cstring` :) .

--Ben
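
The concern in the quoted message (unbounded sprintf plus user-supplied format descriptors) can be handled by allow-listing the format before a bounded snprintf call. The following is an added example, not part of the original thread and not ParaView code; the function names and the assumption that the caller formats exactly one double are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not ParaView code): accept fmt only if it holds exactly
 * one conversion and that conversion formats a double, with literal flags,
 * width and precision. Rejects %n, %s, %x, '*' and length modifiers. */
static int format_is_single_double(const char *fmt)
{
    int conversions = 0;
    for (const char *p = fmt; *p; ++p) {
        if (*p != '%') continue;
        ++p;
        if (*p == '%') continue;                      /* "%%" is a literal */
        while (*p && strchr("-+ #0", *p)) ++p;        /* flags */
        while (*p >= '0' && *p <= '9') ++p;           /* width, never '*' */
        if (*p == '.') {
            ++p;
            while (*p >= '0' && *p <= '9') ++p;       /* precision, never '*' */
        }
        if (*p == '\0' || !strchr("eEfFgG", *p)) return 0;
        if (++conversions > 1) return 0;
    }
    return conversions == 1;
}

/* Hypothetical wrapper: 0 on success, -1 if the format is rejected,
 * -2 if the output was truncated (out is still NUL-terminated). */
static int format_value(char *out, size_t outsz, const char *user_fmt, double value)
{
    if (outsz == 0 || !format_is_single_double(user_fmt)) return -1;
    int n = snprintf(out, outsz, user_fmt, value);
    if (n < 0) return -1;
    return (size_t)n >= outsz ? -2 : 0;
}

int main(void)
{
    /* Constructed sample inputs, as a user might type into a format field. */
    const char *samples[] = { "%.3f", "t=%8.2e s", "%s", "%n", "%*f", "%400f" };
    char buf[16];
    for (size_t i = 0; i < sizeof samples / sizeof *samples; ++i) {
        int rc = format_value(buf, sizeof buf, samples[i], 3.14159);
        printf("%-10s rc=%2d out=%s\n", samples[i], rc, rc == -1 ? "(rejected)" : buf);
    }
    return 0;
}
```

snprintf alone only bounds the write; the validator is what keeps the format from consuming arguments that were never passed.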

