OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Valentin Nechayev (netchLUCKY.NET)
Date: Mon Feb 05 2001 - 02:40:36 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    > > confirmed for red hat linux 7.0:
    > > [kerouac:mg:~]m4 -G %x

    All folks tests it with -G, but it is not really needed.

    FreeBSD ports:

    netchiv:~>gm4 -G %x
    gm4: bfbffb8c: No such file or directory
    netchiv:~>gm4 %x
    gm4: bfbffb8c: No such file or directory
    netchiv:~>gm4 %d
    gm4: -1077937268: No such file or directory
    netchiv:~>gm4 %s
    gm4: o6Kes{
    ex: No such file or directory

    (port is m4-1.4)

    RH 7.0:

    netchyacc:~>m4 %x
    m4: 80499d9: No such file or directory
    netchyacc:~>m4 %d
    m4: 134519257: No such file or directory

    RH 6.2:

    netchsleipnir:~>m4 %x
    m4: 401081cc: No such file or directory
    netchsleipnir:~>rpm -q m4
    m4-1.4-12

    and so on. Possibly all GNU versions are vulnerable.

    Patch against this (tabs are broken by cut-and-paste):

    --- src/m4.c.orig Wed Nov 2 05:14:28 1994
    +++ src/m4.c Mon Feb 5 10:36:17 2001
    -466,7 +466,7
                fp = path_search (argv[optind]);
                if (fp == NULL)
                  {
    - error (0, errno, argv[optind]);
    + error (0, errno, "%s", argv[optind]);
                    continue;
                  }
                else

    Another the only bad usage of error():

    m4.c:372: error (0, errno, optarg);

    part of code:

    ==={{{
          case 'o':
            if (!debug_set_output (optarg))
              error (0, errno, optarg);
            break;
    ===}}}

    patch is of the same idea.

    > > m4: 80499d9: Datei oder Verzeichnis nicht gefunden
    > > [kerouac:mg:~]cat /etc/redhat-release
    > > Red Hat Linux release 7.0 (Guinness)
    > > [kerouac:mg:~]rpm -q m4
    > > m4-1.4.1-3

    /netch