Steps to reproduce the problem:
1. saio_types.h declares config_file_t with a plist of 4096 chars.
2. stringTable.c in function loadConfigFile reads on plist
IO_CONFIG_DATA_SIZE
3. IO_CONFIG_DATA_SIZE is defined to be 163840 on bootstruct.h
Expected result:
Actual result:
buffer overflow reading up to 16KB plist in a 4KB buffer.
Reported by J Guerrero, Aug 19, 2011