diff options
| author | Mark Adler <git@madler.net> | 2026-01-03 01:07:40 -0600 |
|---|---|---|
| committer | Mark Adler <git@madler.net> | 2026-01-05 15:03:04 -0600 |
| commit | fd366384cf324d750596feb03be44ddf4d1e6acd (patch) | |
| tree | 0c1d8eaa0538f8681ae0ce7a4e02ba71ff07d4fd /FAQ | |
| parent | cab7352dc71048f130a7d4e0b7fd773909761133 (diff) | |
| download | zlib-fd366384cf324d750596feb03be44ddf4d1e6acd.tar.gz zlib-fd366384cf324d750596feb03be44ddf4d1e6acd.tar.bz2 zlib-fd366384cf324d750596feb03be44ddf4d1e6acd.zip | |
Prevent the use of insecure functions without an explicit request.
ZLIB_INSECURE must be defined in order to compile code that uses
the insecure functions vsprintf() or sprintf(). This would occur
only if the standard vsnprintf() or snprintf() functions are not
available. Providing the --insecure option to ./configure will
define ZLIB_INSECURE. A flag is added to zlibCompileFlags() to
indicate that gzprintf() is not implemented due to the need for
the use of an insecure function, but ZLIB_INSECURE was not
defined.
Diffstat (limited to 'FAQ')
| -rw-r--r-- | FAQ | 18 |
1 files changed, 9 insertions, 9 deletions
| @@ -258,15 +258,15 @@ The latest zlib FAQ is at http://zlib.net/zlib_faq.html | |||
| 258 | 33. Does zlib have any security vulnerabilities? | 258 | 33. Does zlib have any security vulnerabilities? |
| 259 | 259 | ||
| 260 | The only one that we are aware of is potentially in gzprintf(). If zlib is | 260 | The only one that we are aware of is potentially in gzprintf(). If zlib is |
| 261 | compiled to use sprintf() or vsprintf(), then there is no protection | 261 | compiled to use sprintf() or vsprintf(), which requires that ZLIB_INSECURE |
| 262 | against a buffer overflow of an 8K string space (or other value as set by | 262 | be defined, then there is no protection against a buffer overflow of an 8K |
| 263 | gzbuffer()), other than the caller of gzprintf() assuring that the output | 263 | string space (or other value as set by gzbuffer()), other than the caller |
| 264 | will not exceed 8K. On the other hand, if zlib is compiled to use | 264 | of gzprintf() assuring that the output will not exceed 8K. On the other |
| 265 | snprintf() or vsnprintf(), which should normally be the case, then there is | 265 | hand, if zlib is compiled to use snprintf() or vsnprintf(), which should |
| 266 | no vulnerability. The ./configure script will display warnings if an | 266 | normally be the case, then there is no vulnerability. The ./configure |
| 267 | insecure variation of sprintf() will be used by gzprintf(). Also the | 267 | script will display warnings if an insecure variation of sprintf() will be |
| 268 | zlibCompileFlags() function will return information on what variant of | 268 | used by gzprintf(). Also the zlibCompileFlags() function will return |
| 269 | sprintf() is used by gzprintf(). | 269 | information on what variant of sprintf() is used by gzprintf(). |
| 270 | 270 | ||
| 271 | If you don't have snprintf() or vsnprintf() and would like one, you can | 271 | If you don't have snprintf() or vsnprintf() and would like one, you can |
| 272 | find a good portable implementation in stb_sprintf.h here: | 272 | find a good portable implementation in stb_sprintf.h here: |