Hi, I'm Kaiwaiata. I have spent more than 2 hours searching and have found various possible vulnerabilities in the source code of GDB.
I will tell you about one vulnerability now; if they treat me well, I will tell the others.
Foolish or important things?
unsafe use of strcpy() in int net_open (.. ..){:
gdb-7.8.tar\gdb\ser-tcp.c:
line 187: strncpy (hostname, name, tmp);
line 187: strcpy (hostname, "localhost");
# If an attacker manages to take control of hostname[100], it may cause a buffer overflow.
NOTE: It is likely to be directed toward .bss, which would also be a vulnerability.
I hope for an answer, thanks a lot!
Kaiwaiata - HádrienR.
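
For reference alongside the report above, an added example (not part of the original message and not GDB's code): a bounded copy of a host name into a 100-byte buffer like the hostname[100] mentioned, with the length checked before the copy and the result always NUL-terminated. The helper name copy_host, its return codes and the "host:port" input format are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define HOSTNAME_LEN 100  /* size of hostname[] quoted in the report */

/* Hypothetical helper (not GDB code): copy the host part of a
   "host:port" string (assumed format) into dst, which holds dstlen bytes.
   Returns 0 on success, -1 on bad input or a missing colon,
   -2 if the host part does not fit. dst is never overrun. */
int copy_host(char *dst, size_t dstlen, const char *name)
{
    static const char fallback[] = "localhost";
    const char *colon;
    size_t n;

    if (dst == NULL || name == NULL || dstlen < sizeof fallback)
        return -1;
    colon = strchr(name, ':');
    if (colon == NULL)
        return -1;

    n = (size_t)(colon - name);      /* length of the host part */
    if (n >= dstlen)                 /* no room for the terminating NUL */
        return -2;                   /* reject instead of truncating */

    memcpy(dst, name, n);
    dst[n] = '\0';                   /* strncpy(dst, name, n) would not add this */

    if (n == 0)                      /* empty host: use the default */
        memcpy(dst, fallback, sizeof fallback);
    return 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "example.test:2345", ":2345", "no-colon" };
    char hostname[HOSTNAME_LEN];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = copy_host(hostname, sizeof hostname, samples[i]);
        printf("%-20s rc=%d host=%s\n", samples[i], rc,
               rc == 0 ? hostname : "(rejected)");
    }
    return 0;
}
```

When auditing a call such as strncpy (hostname, name, tmp), the two things to confirm are that the length argument is clamped to at most sizeof hostname - 1 and that the buffer is explicitly terminated afterwards.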