Bugtraq mailing list archives
Re: Possible bufferoverflow condition in lpr, xterm and xload
From: jeremyp () gsms01 alcatel com au (Peter Jeremy)
Date: Wed, 14 Aug 1996 13:26:04 +1000
Wolfram Schmidt <Wolfram.Schmidt () iao fhg de> wrote:
Casper Dik <casper () holland Sun COM> wrote: ] ] Looks like a problem in X11R6: XOpenDisplay() (OpenDis.c) calls ] a function in lib/X11/ConnDis.c which does a sprintf(address,....). ] address is a static buffer of size 128. ] ] In X11R5 (and before??), there's also a sprintf but in a buffer ] allocated with the proper size. Solaris 2.5 (said to be X11R5):
[fails test] As further data points, the error doesn't occur on Solaris 2.4 (with patches as of a few months ago). It _does_ occur using a stock X11R5 xterm (off the O'Reilly CD-ROM) on SunOS 4.1.3, but doesn't with Sun's xterm (I'm not certain exactly which version of OpenWindows I have installed). The fact that the problem can occur in X11R5 means that its not solely related to the code in _XConnectDisplay(). Peter
Current thread:
- Re: Possible bufferoverflow condition in lpr, xterm and xload Wolfram Schmidt (Aug 13)
- <Possible follow-ups>
- Re: Possible bufferoverflow condition in lpr, xterm and xload Jeff Uphoff (Aug 13)
- Re: [linux-security] Re: Possible bufferoverflow condition in Mike Jackson (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in Digital Dreamer (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in David DeSimone (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in Vidar Madsen (Aug 15)
- Re: [linux-security] Re: Possible bufferoverflow condition in Shaun Lowry (Aug 16)
- Re: [linux-security] Re: Possible bufferoverflow condition in Mike Jackson (Aug 14)
- The buggy realpath.c Alan Cox (Aug 14)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Nick Andrew (Aug 20)