Security vulnerabilities and automated fixes for file path handling issues
1 post found
A critical heap buffer overflow vulnerability was discovered in `libyep.c` where an unchecked `sprintf()` call at line 483 could overwrite adjacent memory structures when file path strings exceeded the allocated buffer size of `node->name`. The fix replaces three unsafe string operations across lines 433, 454, and 483 with bounds-checked `snprintf()` equivalents, eliminating the risk of memory corruption and potential code execution. This change is a textbook example of how a single missing size