uninitialized buffer in midnight commander
From: Ilya Teterin (alienhard mail.ru)
Date: Fri Sep 19 2003 - 08:47:23 CDT
Midnight Commander is using an uninitialized buffer for handling symlinks in VFS (tar, cpio). See vfs/direntry.c, handling of buf[] in vfs_s_resolve_symlink(). I wonder, but it works almost properly ;-)
On linux-i386 I can reach a stack buffer overflow using a specially crafted archive. Open http://buggzy.narod.ru/exp.tgz in mc's VFS to test (mc will crash).
Affected systems/vendors/archs: at least linux-i386, mc-4.5.52 to mc-4.6.0, too lazy to test others ;-)
P.S. Greetings to iDEFENSE VCP. I'm tired and hungry ;)
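The bug class named in the post, as an added C illustration that is not part of the original message and not Midnight Commander's code: a path buffer that is appended to without being initialized, next to a bounded, initialized form. The function names, `DEMO_MAX` and the sample paths are hypothetical and constructed for this sketch.

```c
#include <stdio.h>
#include <string.h>
#define DEMO_MAX 64   /* constructed buffer size for this demo */

/* Unsafe pattern: appends as if buf started empty. With stale bytes in buf
 * the result starts after them and its length is not bounded by the inputs. */
static void join_unsafe(char *buf, const char *dir, const char *link)
{
    strcat(buf, dir);
    strcat(buf, "/");
    strcat(buf, link);
}

/* Hardened form: initialize, bound every write, treat truncation as an
 * error. Returns 0 on success, -1 on bad input or a result that won't fit. */
static int resolve_link(char *out, size_t outsz, const char *dir, const char *link)
{
    int n;
    if (out == NULL || outsz == 0)
        return -1;
    out[0] = '\0';
    if (dir == NULL || link == NULL || link[0] == '\0')
        return -1;
    if (link[0] == '/')                      /* absolute target: use as is */
        n = snprintf(out, outsz, "%s", link);
    else                                     /* relative: resolve against dir */
        n = snprintf(out, outsz, "%s/%s", dir, link);
    if (n < 0 || (size_t)n >= outsz) {       /* would not fit: reject */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

/* Returns 1 if the unsafe join kept constructed stale bytes in its result. */
static int unsafe_keeps_stale(void)
{
    char buf[DEMO_MAX] = {0};
    memcpy(buf, "STALE", 5);                 /* constructed leftover data */
    join_unsafe(buf, "/archive/dir", "target");
    return strncmp(buf, "STALE", 5) == 0;
}

int main(void)
{
    char out[DEMO_MAX];
    int rc = resolve_link(out, sizeof out, "/archive/dir", "target");
    printf("unsafe kept stale: %d; safe rc=%d path=%s\n", unsafe_keeps_stale(), rc, out);
    return 0;
}
```

Link names read from an archive are attacker-controlled input, so the length check has to reject an oversized result instead of truncating it silently.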