You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ms_sid2nslc() does not check the length of the parsed codes when writing to the output buffers.
Since the function does not know the size of these buffers, a caller may assume that a size of 9, to accept the longest possible code in the FDSN Source ID specification, would be sufficient. But if a malformed Source ID is provided as input with codes longer than allowed the function will continue to write beyond the buffer length. Chaos ensues.
Ideally this function would have arguments for the sizes of these buffers. Short of that, it should limit the output to the maximum code sizes allowed by the specification.
The text was updated successfully, but these errors were encountered:
ms_sid2nslc() does not check the length of the parsed codes when writing to the output buffers.
Since the function does not know the size of these buffers, a caller may assume that a size of 9, to accept the longest possible code in the FDSN Source ID specification, would be sufficient. But if a malformed Source ID is provided as input with codes longer than allowed the function will continue to write beyond the buffer length. Chaos ensues.
Ideally this function would have arguments for the sizes of these buffers. Short of that, it should limit the output to the maximum code sizes allowed by the specification.
The text was updated successfully, but these errors were encountered: