[bug #40088] potential buffer overflow in -execdir and -okdir


From: James Youngman
Subject: [bug #40088] potential buffer overflow in -execdir and -okdir
Date: Sun, 22 Sep 2013 20:24:46 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.76 Safari/537.36

URL:
  <http://savannah.gnu.org/bugs/?40088>

                 Summary: potential buffer overflow in -execdir and -okdir
                 Project: findutils
            Submitted by: jay
            Submitted on: Sun 22 Sep 2013 20:24:45 GMT
                Category: find
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: jay
         Originator Name: Dmitry V. Levin
        Originator Email: address@hidden
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 4.5.11
           Fixed Release: None

    _______________________________________________________

Details:

Dmitry already supplied a patch, described thus:

* lib/buildcmd.c (bc_push_arg): Take prefix length into account
to avoid state->argbuf overflow.
* NEWS: Mention this fix.
---

It would be a security issue if one could control factors triggering this bug,
which include a directory with thousands of files.

The full patch is attached.




    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Sun 22 Sep 2013 20:24:45 GMT  Name: 0.txt  Size: 5kB   By: jay

<http://savannah.gnu.org/bugs/download.php?file_id=29198>

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?40088>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
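
The class of accounting error the patch description names (a bounds check that omits the prefix length), as an added example: this is a simplified model, not findutils code and not the attached patch. The function names, the 4096-byte buffer and the 2-byte prefix are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARGBUF_SIZE 4096          /* constructed buffer size for this model */

typedef int (*fits_fn)(size_t used, size_t pfxlen, size_t arglen);

/* Flawed check: reserves room for the argument and its NUL, not the prefix. */
static int fits_without_prefix(size_t used, size_t pfxlen, size_t arglen)
{
    (void)pfxlen;
    return used <= ARGBUF_SIZE && arglen < ARGBUF_SIZE - used;
}

/* Corrected check: prefix + argument + NUL must fit; subtraction-only
   arithmetic so huge lengths cannot wrap around. */
static int fits_with_prefix(size_t used, size_t pfxlen, size_t arglen)
{
    if (used > ARGBUF_SIZE) return 0;
    size_t room = ARGBUF_SIZE - used;
    if (pfxlen >= room) return 0;
    return arglen < room - pfxlen;
}

/* Model nfiles pushes of prefix+arg+NUL; nothing is written. When the check
   refuses, the batch is flushed and the buffer reused. Returns the largest
   number of bytes a push would have landed past the end of the buffer. */
static size_t worst_overrun(fits_fn fits, size_t pfxlen, size_t arglen, size_t nfiles)
{
    size_t used = 0, worst = 0;
    for (size_t i = 0; i < nfiles; i++) {
        if (!fits(used, pfxlen, arglen)) {
            used = 0;
            if (!fits(used, pfxlen, arglen)) return SIZE_MAX; /* never fits */
        }
        size_t end = used + pfxlen + arglen + 1;
        if (end > ARGBUF_SIZE && end - ARGBUF_SIZE > worst)
            worst = end - ARGBUF_SIZE;
        used = end;
    }
    return worst;
}

int main(void)
{
    printf("no prefix in check: %zu bytes past end\n", worst_overrun(fits_without_prefix, 2, 3, 5000));
    printf("prefix in check:    %zu bytes past end\n", worst_overrun(fits_with_prefix, 2, 3, 5000));
    return 0;
}
```

In this model the flawed check only misfires once enough entries have accumulated to bring the buffer within a prefix length of full, which is why a small directory never shows the problem.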



