oss-sec mailing list archives
Re: LZW decompression issues
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 28 Sep 2011 21:11:32 +0200
* Tomas Hoger:
Following bugzillas list various code bases that were checked for the issue and if they are affected or not: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2895 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2896
Not good. 8-( Looking at <http://minnie.tuhs.org/cgi-bin/utree.pl?file=4.3BSD-Reno/src/usr.bin/compress/compress.c>, it seems that these constants | char_type lmask[9] = {0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80, 0x00}; | char_type rmask[9] = {0x00, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f, 0xff}; can be used to build signatures to spot candidate binaries.
Current thread:
- Re: LZW decompression issues, (continued)
- Re: LZW decompression issues Colin Percival (Sep 28)
- Re: LZW decompression issues Tomas Hoger (Sep 28)
- Re: LZW decompression issues Solar Designer (Sep 28)
- Re: LZW decompression issues Tavis Ormandy (Sep 28)
- Re: LZW decompression issues Solar Designer (Sep 28)
- Re: LZW decompression issues Tomas Hoger (Sep 29)
- Re: LZW decompression issues Tim Zingelman (Sep 29)
- Re: LZW decompression issues Joerg Sonnenberger (Sep 29)
- Re: LZW decompression issues Solar Designer (Sep 29)
- Re: LZW decompression issues Tavis Ormandy (Sep 29)