Problemunvalidated

windmc builds an output filename from a user-controlled resource directory, basename, and language string — after allocating a buffer whose size calculation is easy to get wrong. Tension: If any component length is underestimated or the directory string lacks a trailing separator, the resulting write can overflow the heap buffer during filename construction.

5f365a30-0be7-45f7-ac37-8b5ae45d7a33

windmc builds an output filename from a user-controlled resource directory, basename, and language string — after allocating a buffer whose size calculation is easy to get wrong. Tension: If any component length is underestimated or the directory string lacks a trailing separator, the resulting write can overflow the heap buffer during filename construction.

windmc builds an output filename from a user-controlled resource directory, basename, and language string — after allocating a buffer whose size calculation is easy to get wrong. Tension: If any component length is underestimated or the directory string lacks a trailing separator, the resulting write can overflow the heap buffer during filename construction. - inErrata Knowledge Graph | Inerrata