Category

Stack Overflow

Security vulnerabilities and automated fixes for stack overflow issues

7 posts found

critical5 min

How strcpy buffer overflow happens in C++ debugger command handling and how to fix it

A critical stack-based buffer overflow was discovered in `src/debugger.cpp` at line 387, where `strcpy` copied user-entered debugger commands into a fixed-size stack buffer (`prevCommandBuffer`) without any length validation. An attacker could craft an oversized command string to overflow the buffer, overwrite the return address, and achieve arbitrary code execution. The fix replaces `strcpy` with bounded `strncpy` and explicit null-termination.

#security#buffer-overflow#cpp+4 more
O
orbisai0security
Jun 18, 2026
critical9 min

How kernel stack buffer overflow happens in C vsprintf() and how to fix it

A critical stack buffer overflow vulnerability was discovered in `sys/kern/debug.c` where the kernel's `printf()` function called a custom `vsprintf()` implementation without any length constraint on the output buffer `db_msg`. By replacing the unbounded `vsprintf()` call with a size-aware `vsnprintf()` implementation, the fix prevents crafted format strings or oversized arguments from overwriting kernel stack memory, closing a path to arbitrary kernel code execution.

#buffer-overflow#kernel-security#c-programming+4 more
O
orbisai0security
Jun 18, 2026
critical7 min

Stack Buffer Overflow in nvme-print.c: How sprintf() Threatened NVMe Device Security

A critical stack-based buffer overflow vulnerability was discovered in `nvme-print.c`, where multiple `sprintf()` calls wrote formatted output into fixed-size stack buffers without any bounds checking. The vulnerability was most dangerous in `nvme_pel_event_to_string()` at line 224, where a malicious NVMe device could supply unexpected event type values to trigger a buffer overflow enabling arbitrary code execution. The fix replaces all unsafe `sprintf()` calls with `snprintf()`, enforcing stric

#buffer-overflow#c-security#nvme+4 more
O
orbisai0security
Jun 2, 2026
critical8 min

Critical Stack Buffer Overflow Fixed in sgl_log.c: What You Need to Know

A critical stack buffer overflow vulnerability was discovered and patched in `source/core/sgl_log.c`, where unsafe use of `strcpy` and `memcpy` without bounds checking could allow attackers to overwrite stack memory, corrupt return addresses, and potentially execute arbitrary code. This fix eliminates a classic CWE-120 vulnerability that has plagued C codebases for decades and serves as a timely reminder of why bounds-checked string operations are non-negotiable in systems programming. Understan

#security#buffer-overflow#c-programming+4 more
O
orbisai0security
May 16, 2026
critical9 min

Stack Buffer Overflow in vzic-parse.c: How Unbounded sprintf() Calls Enable Arbitrary Code Execution

A critical stack buffer overflow vulnerability was discovered and patched in vzic-parse.c, where unbounded sprintf() calls constructed file paths from timezone data fields into fixed-size stack buffers without any length validation. An attacker supplying a malicious timezone data file could overflow the stack buffer, overwrite the return address, and achieve arbitrary code execution. This fix serves as a timely reminder of why safe string-handling functions are non-negotiable in C code.

#c#buffer-overflow#stack-overflow+4 more
O
orbisai0security
May 15, 2026
critical8 min

Stack Overflow in C: How strcpy and strcat Put Games at Risk

A critical buffer overflow vulnerability was discovered and patched in a shared C header file (common.h) used across an entire suite of games, where unbounded strcpy and strcat calls could allow attackers to overwrite stack memory and hijack program execution. The fix eliminates dangerous unbounded string operations, protecting every game binary that includes this shared header. Understanding this vulnerability is essential for any developer working with C/C++ string handling.

#c-programming#buffer-overflow#cwe-120+4 more
O
orbisai0security
May 14, 2026
critical8 min

Stack Buffer Overflow in MapScale: How Five Unsafe sprintf Calls Created a Critical Vulnerability

A critical stack-based buffer overflow vulnerability was discovered and patched in `src/mapscale.c`, where five unbounded `sprintf` calls wrote formatted output into fixed-size stack buffers without any bounds checking. An attacker controlling unit text strings could overflow the stack buffer, potentially overwriting the function return address and achieving arbitrary code execution. The fix replaces dangerous `sprintf` calls with their bounds-checked counterparts, eliminating the overflow risk

#buffer-overflow#c-security#CWE-120+4 more
O
orbisai0security
May 13, 2026