CVE-2018-6340 Fix buffer overread
Summary: snprintf() returns the number of would-be-written bytes if the buffer had enough size, letting the original code construct the output string from arbitrary data on the stack. Fix this by properly assembling the String without trying to arbitrarily limit the length to 30 bytes.

Reviewed By: ottoni

Differential Revision: D13509547

fbshipit-source-id: aa401b83d356f5b261433c4b16d777948ba7f9b4
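The snprintf() behaviour described in the commit message, as an added C example that is not code from this commit or its project: it contrasts the length a truncated call reports with what the 30-byte buffer really holds, next to a measure-then-allocate form. The function names, the `key=value` format and the 40-character input are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIXED_BUF 30 /* the 30-byte limit named in the commit message */

/* Length the buggy pattern trusts: snprintf()'s return value, i.e. the length
 * the complete output would have had, regardless of how much fit in buf. */
static int claimed_len(const char *key, const char *val) {
    char buf[FIXED_BUF];
    return snprintf(buf, sizeof(buf), "%s=%s", key, val);
}

/* Bytes snprintf() really stored in the fixed buffer (NUL excluded). */
static size_t stored_len(const char *key, const char *val) {
    char buf[FIXED_BUF];
    snprintf(buf, sizeof(buf), "%s=%s", key, val);
    return strlen(buf);
}

/* Hardened form: measure, allocate exactly, then format. Caller frees. */
static char *format_exact(const char *key, const char *val, size_t *len) {
    int need = snprintf(NULL, 0, "%s=%s", key, val);
    if (need < 0) return NULL;
    char *out = malloc((size_t)need + 1);
    if (out == NULL) return NULL;
    snprintf(out, (size_t)need + 1, "%s=%s", key, val);
    *len = (size_t)need;
    return out;
}

int main(void) {
    char val[41]; /* constructed input: 40 'x' characters */
    memset(val, 'x', 40);
    val[40] = '\0';

    size_t n = 0;
    char *s = format_exact("stat", val, &n);
    if (s == NULL) return 1;
    /* Building a string as (buf, claimed_len) would read 45 bytes from a
     * 30-byte array; only stored_len bytes of it are valid. */
    printf("claimed=%d stored=%zu exact=%zu\n",
           claimed_len("stat", val), stored_len("stat", val), n);
    free(s);
    return 0;
}
```

Code that must keep a fixed buffer should compare the return value against the buffer size and treat `ret >= sizeof(buf)` as truncation before using it as a length.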