Security vulnerabilities and automated fixes for opencc issues
1 post found
A critical buffer overflow vulnerability was discovered in the OpenCC C library's configuration reader, where an unbounded `sprintf()` call could allow attackers to overflow a fixed-size buffer by supplying malformed configuration files with excessively long path components. The fix replaces `sprintf()` with `snprintf()` and adds proper line-length validation to prevent memory corruption attacks. Left unpatched, this vulnerability could have allowed attackers to overwrite return addresses and fu