Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TCSH problems?

From: "Nasko Oskov" <compnetsecurity () hotmail com>
Date: Wed, 06 Jun 2001 18:34:14 +0300
        After some ktracing, and code auditing by myself and a colleague,
we believe the problem *may* infact be in libc's setenv() and getenv()
functions.  We were able to duplicate the bug on various platforms, mostly
causing signal 6s and dumping cores.  Feedback would be appreciated


> > setenv HOME `perl -e 'print "/" x 10000'`

                                        ^ Length varies from 1024-10000
for effectiveness on diffrent OSes.


nasko@digital:~$ tcsh

setenv HOME `perl -e 'print "/" x 10000'`

Aborted
nasko@digital:~$ uname -a
Linux digital 2.2.19 #2 SMP Sat Jun 2 12:23:40 AKDT 2001 i686 unknown
nasko@digital:~$

Platform: Slack current

Nasko
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Previous By Date Next
Previous By Thread Next

Current thread: