mbedtls
ssl_mail_client: Fix unbounded write of sprintf()
Description
These calls to sprintf may overflow buf because opt.mail_from and opt.mail_to are controlled by users. Fix by replacing sprintf with snprintf.
PR checklist
Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")
- [x] changelog not required
- [ ] backport Need to cherry-pick to mbedtls-2.28: #8907; 3.6: TODO
- [x] tests not required
Notes for the submitter
Please refer to the contributing guidelines, especially the checklist for PR contributors.
Help make review efficient:
- Multiple simple commits: please structure your PR into a series of small commits, each of which does one thing
- Avoid force-push: please do not force-push to update your PR - just add new commit(s)
- See our Guidelines for Contributors for more details about the review process.
Windows builds are failing.
From the CI:
281>C:\Windows\workspace\mbed-tls-pr-head_PR-8897-head\worktrees\tmpsowuty4p\programs\ssl\ssl_mail_client.c(730): warning C4013: 'snprintf' undefined; assuming extern returning int [c:\windows\workspace\mbed-tls-pr-head_PR-8897-head\worktrees\tmpsowuty4p\cmake_solution\programs\ssl\ssl_mail_client.vcxproj]
I replaced snprintf with mbedtls_snprintf and checked the return values of mbedtls_snprintf. If that looks good and passes CI, I will update the backport PR.
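As an added illustration of the pattern the description and the comment above ask for (this is example code, not the PR's diff or the mbedtls source): the unbounded sprintf is replaced by a bounded write whose return value is checked, so an over-long user-controlled address is rejected instead of overrunning buf or being silently truncated. Plain snprintf stands in for the library's mbedtls_snprintf wrapper, and the command format string and buffer size are assumptions for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example: a small fixed-size buffer like the one the PR
 * describes. The size is chosen for illustration only. */
#define BUF_SIZE 32

/* Hardened version: bounded write with the return value checked.
 * Returns the number of bytes written on success, or -1 if the output
 * did not fit (or on error), so the caller never sends a truncated command. */
static int format_mail_from(char *buf, size_t buflen, const char *mail_from)
{
    /* Format string assumed for illustration; the real command text is not in the PR. */
    int ret = snprintf(buf, buflen, "MAIL FROM:<%s>\r\n", mail_from);
    if (ret < 0 || (size_t) ret >= buflen) {
        /* ret >= buflen means truncation: snprintf returns the length it
         * would have written had the buffer been large enough. */
        if (buflen > 0) {
            buf[0] = '\0';
        }
        return -1;
    }
    return ret;
}

/* Exercises the check on a short address and on a constructed over-long one.
 * Returns 0 when both behave as intended. */
int check_bounded_format(void)
{
    char buf[BUF_SIZE];
    char longaddr[BUF_SIZE + 16];

    /* Short address fits: the formatted command is produced as expected. */
    if (format_mail_from(buf, sizeof(buf), "a@b.c") < 0) {
        return -1;
    }
    if (strcmp(buf, "MAIL FROM:<a@b.c>\r\n") != 0) {
        return -1;
    }

    /* Constructed over-long input: with sprintf this would overrun buf;
     * the bounded version rejects it and leaves an empty string behind. */
    memset(longaddr, 'x', sizeof(longaddr) - 1);
    longaddr[sizeof(longaddr) - 1] = '\0';
    if (format_mail_from(buf, sizeof(buf), longaddr) != -1) {
        return -1;
    }
    return buf[0] == '\0' ? 0 : -1;
}
```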
Hi, and thank you for your contribution. Could you please try to fix the code style?
It can be done automatically using scripts/code_style.py -f.
Can we start CI?
Can we start CI?
I've just done it.
Ready for review.
I'd say this needs a 3.6 backport too, now. Edit: ah, was already in the PR description, I had missed it as the end of the line after the 2.28 link.