Reported by J Guerrero, Aug 19, 2011
Steps to reproduce the problem:
1. saio_types.h declares config_file_t with a plist of 4096 chars.
2. stringTable.c in function loadConfigFile reads on plist IO_CONFIG_DATA_SIZE
3. IO_CONFIG_DATA_SIZE is defined to be 163840 on bootstruct.h

Expected result:

Actual result: buffer overflow reading up to 16KB plist in a 4KB buffer.
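Added example, not part of the original report and not the project's code: a minimal C model of the size mismatch described above, with a load routine whose limit comes from the destination buffer instead of IO_CONFIG_DATA_SIZE. The struct layout, read_file, load_config_bounded and try_load are assumptions made for illustration; only the two sizes come from the report.

```c
#include <stddef.h>
#include <string.h>

#define PLIST_BUF_SIZE      4096    /* plist size given in the report */
#define IO_CONFIG_DATA_SIZE 163840  /* read size given in the report */

/* Simplified stand-in for config_file_t; fields other than plist are assumed. */
typedef struct {
    char plist[PLIST_BUF_SIZE];
    int  guard;                     /* constructed: whatever follows plist */
} config_file_t;

/* Hypothetical file read: copies at most `want` bytes of the file to dst. */
static size_t read_file(const char *file, size_t file_len, char *dst, size_t want)
{
    size_t n = file_len < want ? file_len : want;
    memcpy(dst, file, n);
    return n;
}

/* Pattern from the report, shown only as a comment:
 *     read_file(file, file_len, cfg->plist, IO_CONFIG_DATA_SIZE);
 * The limit is the constant, so any file over 4096 bytes overruns plist. */

/* Bounded load: limit comes from the destination; oversize input is refused.
 * Returns the number of bytes stored, or -1 if the file does not fit. */
long load_config_bounded(config_file_t *cfg, const char *file, size_t file_len)
{
    if (file_len >= sizeof cfg->plist)          /* keep room for the NUL */
        return -1;
    size_t n = read_file(file, file_len, cfg->plist, sizeof cfg->plist - 1);
    cfg->plist[n] = '\0';
    return (long)n;
}

/* Constructed input: a blob of `len` 'A' bytes (len must be <= 16384).
 * Returns the load result, or -2 if the field after plist was modified. */
long try_load(size_t len)
{
    static char file[16384];
    config_file_t cfg;
    memset(file, 'A', sizeof file);
    cfg.guard = 0x5AFE;
    long r = load_config_bounded(&cfg, file, len);
    return cfg.guard == 0x5AFE ? r : -2;
}
```

Rejecting the oversize file outright, instead of silently truncating it, keeps a partially read plist from being parsed as if it were complete.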
Comment 1 by Cosmosis Jones, Aug 19, 2011
Comment 2 by Cosmosis Jones, May 8, 2012