oss-sec mailing list archives
Re: CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun)
From: Peter Bex <Peter.Bex () xs4all nl>
Date: Thu, 9 May 2013 15:03:38 +0200
On Wed, May 08, 2013 at 11:07:02PM +0200, Peter Bex wrote:
There are two commits which together fix the bug: http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=9e2022652258e8a30e5cedbf0abc9cd85a0f6af7 http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=556108092774086b6c86c2e27daf3f740ffec091
Correction, this introduced a bug on systems where connect() can return EINPROGRESS, resulting in an exception being raised when connecting to a socket and immediately writing to it. A third patch is required to fix this bug: http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=766056cd5f26b1d529405705449cb534609c113f Cheers, Peter -- http://www.more-magic.net
Current thread:
- CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun) Peter Bex (May 08)
- Re: CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun) Peter Bex (May 09)