Bugtraq mailing list archives
Re: Possible bufferoverflow condition in lpr, xterm and xload
From: Wolfram.Schmidt () iao fhg de (Wolfram Schmidt)
Date: Tue, 13 Aug 1996 19:24:38 +0200
Casper Dik <casper () holland Sun COM> wrote: ] ] Looks like a problem in X11R6: XOpenDisplay() (OpenDis.c) calls ] a function in lib/X11/ConnDis.c which does a sprintf(address,....). ] address is a static buffer of size 128. ] ] In X11R5 (and before??), there's also a sprintf but in a buffer ] allocated with the proper size. Solaris 2.5 (said to be X11R5): $ xterm -display `perl -e "print 'abcde' x 500, ':0';"` Error: Can't open display: abcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcd $ xterm -display `perl -e "print 'abcde' x 20000 , ':0';"` Segmentation Fault $ echo `perl -e "print 'abcde' x 20000 , ':0';"` | wc 1 1 100003 $ Don't konw if it's this very bug, but obviously something doesn't work. -Wolfram
Current thread:
- Re: Possible bufferoverflow condition in lpr, xterm and xload Wolfram Schmidt (Aug 13)
- <Possible follow-ups>
- Re: Possible bufferoverflow condition in lpr, xterm and xload Jeff Uphoff (Aug 13)
- Re: [linux-security] Re: Possible bufferoverflow condition in Mike Jackson (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in Digital Dreamer (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in David DeSimone (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in Vidar Madsen (Aug 15)
- Re: [linux-security] Re: Possible bufferoverflow condition in Shaun Lowry (Aug 16)
- Re: [linux-security] Re: Possible bufferoverflow condition in Mike Jackson (Aug 14)
- The buggy realpath.c Alan Cox (Aug 14)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Nick Andrew (Aug 20)