Bugtraq mailing list archives
Re: procmail / Sendmail - five bugs
From: casper () HOLLAND SUN COM (Casper Dik)
Date: Thu, 23 Dec 1999 15:35:58 +0100
a) On some glibc 2.0 machines (eg. RedHat), malloc(negative_integer) won't result in EINVAL, but with valid pointer, for which malloc_usable_size() returns size of 12 bytes. Heap overflows possible? Hmm, at least SEGVs in procmail:)
On a pedantic note: it is not possible to call a standard conforming malloc() with a negative integer; the argument to malloc is unsigned (size_t). In Solaris, calls to malloc > 2^31-1 can result in memory being returned of the requested size. Various older releases of Solaris do have problems at the 2GB barrier, even thgough > 2GB can be available for malloc. Casper
Current thread:
- More Netscape Passwords Available., (continued)
- More Netscape Passwords Available. Rob Jones (Dec 21)
- UnixWare i2odialogd remote root exploit Brock Tellier (Dec 21)
- IE 5.01 vulnerabilities in external.NavigateAndFind() Georgi Guninski (Dec 22)
- Solaris 2.7 dmispd local/remote problems Brock Tellier (Dec 22)
- Multiple vulnerabilites in glFtpD (current versions) suid (Dec 22)
- Re: Multiple vulnerabilites in glFtpD (current versions) Per Lejontand (Dec 23)
- Re: Multiple vulnerabilites in glFtpD (current versions) The Tree of Life (Dec 23)
- Re-release of Microsoft Security Bulletin MS99-046 Microsoft Product Security (Dec 23)
- BUG? Non-root user can configure traffic shaper (2.2.13) (fwd) Yuri Kuzmenko (Dec 24)
- RealMedia Server 5.0 Crasher (rmscrash.c) bow (Dec 22)
- Re: procmail / Sendmail - five bugs Casper Dik (Dec 23)
- Re: SSH-1.2.27 & RSAREF2 exploit Wakko Ellington Warner-Warner III (Dec 15)
- Recent postings about SCO UnixWare 7 Andrew Malcolm (Dec 15)
- Re: SSH-1.2.27 & RSAREF2 exploit Iván Arce (Dec 15)
- Oops, my apologies. Wakko Ellington Warner-Warner III (Dec 15)
- IRCnet IRCD 2.0x Reboot Bug A Bloke (Dec 15)
- Re: IRCnet IRCD 2.0x Reboot Bug Matus \ (Dec 15)
- Re: SSH-1.2.27 & RSAREF2 exploit Speed (Dec 15)