![oss-sec logo](/images/oss-sec-logo.png)
oss-sec mailing list archives
Re: Privsec vuln in beep / Code execution in GNU patch
From: Sebastian Krahmer <half.linked.list () gmail com>
Date: Fri, 6 Apr 2018 10:35:33 +0200
Hi :
If anyone knows the background of this please share it.
lulz. There is indeed a double free of console_device, if a SIGINT is caught right before main() returns. (Looking at git dbf0b4). Besides the easter egg, the patch is still wrong. optarg may be reused via console_device, so the strdup() is OK, but the ressource-free and signal handling isnt. Shouts to the beep trolls. I strongly challenge the oppinion that security is better done without it ... Brave Knights who found issues in such small code base. lg -s -- ~ ~ perl <-> $_='print"\$_=\47$_\47;eval"';eval ~ bash <-> $(curl stealth.openwall.net/null/nuts.txt)
Current thread:
- Privsec vuln in beep / Code execution in GNU patch Hanno Böck (Apr 05)
- Re: Privsec vuln in beep / Code execution in GNU patch Sebastian Krahmer (Apr 06)
- Re: Privsec vuln in beep / Code execution in GNU patch Jakub Wilk (Apr 06)