oss-sec mailing list archives

Re: CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun)

From: Peter Bex <Peter.Bex () xs4all nl>
Date: Thu, 9 May 2013 15:03:38 +0200

On Wed, May 08, 2013 at 11:07:02PM +0200, Peter Bex wrote:

There are two commits which together fix the bug:
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=9e2022652258e8a30e5cedbf0abc9cd85a0f6af7
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=556108092774086b6c86c2e27daf3f740ffec091


Correction, this introduced a bug on systems where connect() can return
EINPROGRESS, resulting in an exception being raised when connecting to a
socket and immediately writing to it.  A third patch is required to fix
this bug:
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=766056cd5f26b1d529405705449cb534609c113f

Cheers,
Peter
-- 
http://www.more-magic.net

Current thread:

CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun) Peter Bex (May 08)
- Re: CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun) Peter Bex (May 09)
  - Re: CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun) Kurt Seifried (May 10)