View Issue Details [ Jump to Notes ]

[ Print ]

Project

Category

View Status

Date Submitted

Last Update

0014129

VTK

(No Category)

public

2013-06-16 08:13

2013-12-18 10:50

Reporter

Maxim Churilin

Assigned To

Sankhesh Jhaveri

Priority

normal

Severity

minor

Reproducibility

have not tried

Status

closed

Resolution

fixed

Platform

OS Version

Product Version

5.10.0

Target Version

Fixed in Version

6.1.0

Summary

0014129: Buffer overflow in vtkJPEGWriter when writing to memory

Description

Inside vtkJPEGWriter::Write method the value of InternalFileName variable is determined depending on FileName, FilePrefix and FilePattern variables using sprintf function.

For instance, vtkJPEGWriter has FileName = NULL, FilePrefix = NULL and FilePattern = "%s.%d by default. If WriteToMemory flag is set, the InternalFileName will be computed using the following line:

sprintf(this->InternalFileName, this->FilePattern,this->FileNumber);

which will cause the buffer oferflow.

Tags

No tags attached.

Project

TBD

Type

crash

Attached Files

Relationships

Notes
(0031994) Sankhesh Jhaveri (manager) 2013-12-17 18:07	Pushed change to http://review.source.kitware.com/#/c/13847/ [^] [^]

Issue History
Date Modified	Username	Field	Change
2013-06-16 08:13	Maxim Churilin	New Issue
2013-12-17 18:05	guest	Note Added: 0031992
2013-12-17 18:05	guest	Status	backlog => gerrit review
2013-12-17 18:07	Sankhesh Jhaveri	Note Edited: 0031992
2013-12-17 18:07	Sankhesh Jhaveri	Note Added: 0031994
2013-12-17 18:08	Sankhesh Jhaveri	Note Deleted: 0031992
2013-12-18 10:50	Sankhesh Jhaveri	Status	gerrit review => closed
2013-12-18 10:50	Sankhesh Jhaveri	Assigned To	=> Sankhesh Jhaveri
2013-12-18 10:50	Sankhesh Jhaveri	Resolution	open => fixed
2013-12-18 10:50	Sankhesh Jhaveri	Fixed in Version	=> 6.1.0