Graphviz Bug Report 396

Number: 396
Title: Buffer overrun bug
Submitter: Jonathan de Halleux
Date: Mon Jan 19 05:56:23 2004
Subsys: Dot
Version: 1.10
System: *-*-
Severity: critical
Problem:
Providing URL greater that 512 characters creates a buffer in svg_printf because this method renders the string is a static size character buffer of BUFSIZ characters.

svg_printf should trim the string size to avoid such problem.
Comments:
[ellson] I believe that this bug has already been fixed in CVS, and in the nightly snapshots from http://www.graphviz.org/pub/graphviz/CURRENT/

All URL strings are now output using svg_fputs().

If you still have a counterexample, please send a test case ASAP.
Owner: ellson
Status: Fixed