Vulnerability Development mailing list archives
Re: TCSH problems?
From: Mike Duncan <duncan () randomtask net>
Date: Wed, 6 Jun 2001 10:53:42 -0400 (EDT)
Solaris 8 default tcsh install (SUNWtcshS package) bash-2.03# tcsh # setenv HOME `perl -e 'print "/" x 10000'` Abort (core dumped) bash-2.03# ls -al core -rw------- 1 root other 493880 Jun 6 11:48 core bash-2.03# uname -a SunOS unknown 5.8 Generic_108528-03 sun4m sparc SUNW,SPARCstation-4 On Wed, 6 Jun 2001, Alex wrote:
After some ktracing, and code auditing by myself and a colleague, we believe the problem *may* infact be in libc's setenv() and getenv() functions. We were able to duplicate the bug on various platforms, mostly causing signal 6s and dumping cores. Feedback would be appreciatedsetenv HOME `perl -e 'print "/" x 10000'`^ Length varies from 1024-10000 for effectiveness on diffrent OSes. -Alex
-- ------------------------------------------ Mike Duncan security () randomtask net http://www.randomtask.net FLOD: The World's Perfect Cube Of Fat Also comes in glow-in-the-dark models. ** Don't accept any imitations. ** ------------------------------------------
Current thread:
- nonsuid overflows... still at risk? KF (Jun 05)
- TCSH problems? Alex (Jun 06)
- Re: TCSH problems? Alex (Jun 06)
- Re: TCSH problems? Alex (Jun 06)
- Re: TCSH problems? Mike Duncan (Jun 06)
- Re: TCSH problems? Flux9 (Jun 06)
- Re: TCSH problems? KF (Jun 06)
- Re: TCSH problems? KF (Jun 06)
- Re: TCSH problems? Guezou Philippe (Jun 06)
- Re: TCSH problems? Alex (Jun 06)
- TCSH problems? Alex (Jun 06)
- Re: TCSH problems? Kevin J. Menard, Jr. (Jun 06)
- Re: TCSH problems? Flux9 (Jun 06)
- Re: TCSH problems? Sven van ´t Veer (Jun 06)
- Re: TCSH problems? Edsel Adap (Jun 06)
- Re: TCSH problems? Felix Kronlage (Jun 06)
- Re: TCSH problems? Andreas Forsgren (Jun 06)