You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Regarding e1a9824, this "auto len calculation" by doing strlen to the final format string buffer is very prone to cause buffer overflows. The amx_SetString function won't be able to notice the array's real size and will just write out of bounds. The reason why the format required the size is to protect against this, not to arbitrarily limit the string output.
Why was this done in the first place?
The text was updated successfully, but these errors were encountered:
Regarding e1a9824, this "auto len calculation" by doing strlen to the final format string buffer is very prone to cause buffer overflows. The
amx_SetStringfunction won't be able to notice the array's real size and will just write out of bounds. The reason why theformatrequired the size is to protect against this, not to arbitrarily limit the string output.Why was this done in the first place?
The text was updated successfully, but these errors were encountered: