Bugtraq mailing list archives

Re: Buffer overflow in bing


From: Kris Kennaway <kris () FREEBSD ORG>
Date: Mon, 22 Jan 2001 17:33:40 -0800

On Fri, Jan 19, 2001 at 08:30:01PM +0100, Pierre Beyssac wrote:
On Fri, Jan 19, 2001 at 06:52:27PM +0100, Paul Starzetz wrote:
The buffer overflowed is a 80 byte static local buffer:
    static char buf[80];

It is patched by default in FreeBSD's package collection. Here's
the patch below (author: jseger () freebsd org).

Actually, the patch was mine :-)

----------------------------
revision 1.1
date: 2000/03/05 05:30:54;  author: kris;  state: Exp;
This is a setuid root binary. sprintf()s of DNS hostnames into undersized
buffers are bad. Fix this. It should also drop privileges for extra
safety, but doesn't.
=============================================================================

Kris

-- 
NOTE: To fetch an updated copy of my GPG key which has not expired,
finger kris () FreeBSD org
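
The kind of fix the commit message above describes, as an added example (it is not the FreeBSD patch and not code from bing): a bounded write into an 80-byte buffer that rejects oversized names, and a permanent privilege drop for a setuid-root program. The names `format_host` and `drop_privileges`, the `"name (addr)"` output format and the sample hostnames are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define HOSTBUF_LEN 80 /* same size as the buffer quoted in the thread */

/* Hypothetical helper: write "name (addr)" into dst without overrunning it.
 * Returns 0 on success, -1 (and an empty string) if it would not fit. */
int format_host(char *dst, size_t dstlen, const char *name, const char *addr)
{
    int n = snprintf(dst, dstlen, "%s (%s)", name, addr);
    if (n < 0 || (size_t)n >= dstlen) {   /* truncated or encoding error */
        if (dstlen > 0)
            dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* Hypothetical helper: give up setuid-root for good, group first.
 * In a setuid binary the real uid/gid are those of the invoking user. */
int drop_privileges(void)
{
    uid_t uid = getuid();
    if (setgid(getgid()) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)        /* root must not be recoverable */
        return -1;
    return 0;
}

int main(void)
{
    static char buf[HOSTBUF_LEN];
    char longname[256];                    /* constructed: 255-byte name */

    memset(longname, 'a', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';

    if (drop_privileges() != 0)
        return 1;
    if (format_host(buf, sizeof buf, "host.example.org", "192.0.2.1") == 0)
        printf("%s\n", buf);
    if (format_host(buf, sizeof buf, longname, "192.0.2.1") != 0)
        fprintf(stderr, "hostname too long for %d-byte buffer\n", HOSTBUF_LEN);
    return 0;
}
```

Treating truncation as an error, rather than silently using the shortened string, keeps later code from acting on a hostname the resolver never returned.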
