Headline
CVE-2020-10232: Fix stack buffer overflow in yaffsfs_istat · sleuthkit/sleuthkit@459ae81
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
Permalink
Browse files
Fix stack buffer overflow in yaffsfs_istat
Prevent a stack buffer overflow in yaffsfs_istat by increasing the buffer size to the size required by tsk_fs_time_to_str.
- Loading branch information
1 parent 637772e commit 459ae818fc8dae717549810150de4d191ce158f1
Showing 1 changed file with 1 addition and 1 deletion.
@@ -2439,7 +2439,7 @@ static uint8_t
YAFFSFS_INFO *yfs = (YAFFSFS_INFO *)fs;
char ls[12];
YAFFSFS_PRINT_ADDR print;
char timeBuf[32];
char timeBuf[128];
YaffsCacheObject * obj = NULL;
YaffsCacheVersion * version = NULL;
YaffsHeader * header = NULL;
0 comments on commit 459ae81
Please sign in to comment.