[Fwd: m4 and format strings]

bug-m4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fwd: m4 and format strings]

From:	KF
Subject:	[Fwd: m4 and format strings]
Date:	Wed, 27 Jun 2001 05:20:37 -0400

-------- Original Message --------
Subject: m4  and format strings
Date: Tue, 26 Jun 2001 13:29:18 -0400
From: KF <address@hidden>
To: address@hidden

I noticed on NT my m4 binary had format strings issues... 

bash-2.02$ uname -a
CYGWIN_NT-4.0 TERMSRV 20.1 (0.3/1/1) 1998-12-3 20:39:18 i686 unknown

bash-2.02$ m4  %s%s%s
[main] c:\cygnus\CYGWIN~1\H-I586~1\bin\m4.exe 1015 (0)
handle_exceptions:
Except
ion: STATUS_ACCESS_VIOLATION
[main] m4 1015 (0) handle_exceptions: Dumping stack trace to m4.exe.core


[main] m4 1003 (0) exception: trapped!
[main] m4 1003 (0) exception: code 0xC0000005 at 0x6102C597
[main] m4 1003 (0) exception: ax 0x45 bx 0xE cx 0xA036220 dx 0x0
[main] m4 1003 (0) exception: si 0xA036256 di 0x241FD24 bp 0x241FCF8 sp
0x241FBCC
[main] m4 1003 (0) exception: exception is: STATUS_ACCESS_VIOLATION
[main] m4 1003 (0) stack: Stack trace:
[main] m4 1003 (0) stack: frame 0: sp = 0x241F9E0, pc = 0x6100A2C3
[main] m4 1003 (0) stack: frame 1: sp = 0x241FA1C, pc = 0x77F97B06
[main] m4 1003 (0) stack: frame 2: sp = 0x241FA40, pc = 0x77F899D7
[main] m4 1003 (0) stack: frame 3: sp = 0x241FACC, pc = 0x77F76A12
[main] m4 1003 (0) stack: frame 4: sp = 0x241FCF8, pc = 0x6102C670
[main] m4 1003 (0) stack: frame 5: sp = 0x241FD0C, pc = 0x6100BE89
[main] m4 1003 (0) stack: frame 6: sp = 0x241FD2C, pc = 0x6100DAF8
[main] m4 1003 (1) stack: frame 7: sp = 0x241FE80, pc = 0x610309D1
[main] m4 1003 (0) stack: frame 8: sp = 0x241FEB4, pc = 0x6105D7E2
[main] m4 1003 (0) stack: frame 9: sp = 0x241FEC8, pc = 0x610527CF
[main] m4 1003 (0) stack: frame 10: sp = 0x241FEF8, pc = 0x6105283A
[main] m4 1003 (0) stack: frame 11: sp = 0x241FF0C, pc = 0x40BF1C
[main] m4 1003 (0) stack: frame 12: sp = 0x241FF28, pc = 0x402256
[main] m4 1003 (0) stack: frame 13: sp = 0x241FF40, pc = 0x61004402
[main] m4 1003 (0) stack: frame 14: sp = 0x241FF88, pc = 0x61004420
[main] m4 1003 (0) stack: frame 15: sp = 0x241FF94, pc = 0x4131CA
[main] m4 1003 (0) stack: End of stack trace (more stack frames may be
present)

so I decided to check my unix box also... 

address@hidden elguapo]$ m4 %x,%x,%x,%x,%x,%x,%x
m4: 0,bffff818,4000d2ce,805df78,8048c56,4002e0bc,4014af2c: No such file
or directory

can anyone think of a situation where this could cause root 
to be exploitated... m4 is not suid to my understanding. 

-KF

[Prev in Thread]

Current Thread

[Next in Thread]

[Fwd: m4 and format strings], KF <=

Prev by Date: (no subject)
Next by Date: [Fwd: Re: m4 and format strings]
Previous by thread: Earn Up to $10 for each animal placed in a loving home
Next by thread: [Fwd: Re: m4 and format strings]
Index(es):
- Date
- Thread