[prev in list] [next in list] [prev in thread] [next in thread]
List: coreutils-bug
Subject: Re: tiny buffer overflow in 'stat' (4.5.3)
From: Jim Meyering <jim () meyering ! net>
Date: 2003-08-27 9:06:28
Message-ID: 85r837v59n.fsf () pi ! meyering ! net
[Download RAW message or body]
Tommi Kyntola <tkyntola@cc.hut.fi> wrote:
> It appears that stat source function print_it (stat.c:574) can be tricked
> into performing a strchr (and after that either an fputs or worse with %
> manipulation) beyond the terminator in the string received from
> char *format = strdup (masterformat);
>
> This happens whenever the given --format ends in '%'.
...
> --- coreutils-4.5.3-vanilla/src/stat.c 2002-09-22 09:48:28.000000000 +0300
> +++ coreutils-4.5.3-statfix/src/stat.c 2003-08-26 16:23:50.097650304 +0300
...
Thank you very much.
I've applied your patch.
FYI, the latest is coreutils-5.0.90:
ftp://alpha.gnu.org/gnu/coreutils/coreutils-5.0.90.tar.bz2
Even newer sources (including your fix) are available here:
http://savannah.gnu.org/projects/coreutils/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic