Vulnerability Development mailing list archives
Re: TCSH problems?
From: Andreas Forsgren <andreas.forsgren () direct2internet com>
Date: Wed, 6 Jun 2001 20:13:03 +0200 (CEST)
FYI, [andreasf@andreasf andreasf]$ tcsh [andreasf@andreasf ~]$ setenv HOME `perl -e 'print "/" x 10000'` Aborted (core dumped) [andreasf@andreasf andreasf]$ tcsh -c 'echo $version' tcsh 6.09.00 (Astron) 1999-08-16 (i386-intel-linux) options 8b,nls,dl,al,rh,color [andreasf@andreasf andreasf]$ uname -a; cat /etc/redhat-release Linux andreasf 2.2.14-5.0 #1 Tue Mar 7 21:07:39 EST 2000 i686 unknown Red Hat Linux release 6.2 (Zoot) [andreasf@andreasf andreasf]$ gdb /bin/tcsh core [...] #3 0x804e084 in strcpy () at ../sysdeps/generic/strcpy.c:30 [...] Well, a simple s/strcpy/strncpy/g should be enough here to fix this and other potential buffer overflow problems. Best regards, Andreas Forsgren andreas.forsgren () direct2internet com UNIX Systems Programmer Direct2Internet AB On Wed, 6 Jun 2001, Felix Kronlage wrote:
On Wed, Jun 06, 2001 at 03:01:01AM -0400, Alex wrote:setenv HOME `perl -e 'print "/" x 10000'` cd ~ Is anyone else able to reproduce this? I know the problem itself has little impact or significance, if any. But, I'm merely curious, so please humor me. :-)| [17:21:35] fkr@mad ~ $ tcsh | mad:fkr {1} setenv HOME `perl -e 'print "/" x 10000'` | Abort trap (core dumped) | [17:21:43] fkr@mad ~ $ uname -a | OpenBSD mad 2.9 GENERIC#6 i386 -fkr
Current thread:
- Re: TCSH problems?, (continued)
- Re: TCSH problems? Mike Duncan (Jun 06)
- Re: TCSH problems? Flux9 (Jun 06)
- Re: TCSH problems? KF (Jun 06)
- Re: TCSH problems? KF (Jun 06)
- Re: TCSH problems? Guezou Philippe (Jun 06)
- Re: TCSH problems? Kevin J. Menard, Jr. (Jun 06)
- Re: TCSH problems? Flux9 (Jun 06)
- Re: TCSH problems? Sven van ´t Veer (Jun 06)
- Re: TCSH problems? Edsel Adap (Jun 06)
- Re: TCSH problems? Felix Kronlage (Jun 06)
- Re: TCSH problems? Andreas Forsgren (Jun 06)
- Re: TCSH problems? Branko Ivanovic (Jun 06)
- Re: TCSH problems? Lee Smith (Jun 06)
- Re: TCSH problems? sean (Jun 07)
- Re: TCSH problems? poke (Jun 07)
- Re: nonsuid overflows... still at risk? Andrew R. Reiter (Jun 06)
- Re: nonsuid overflows... still at risk? Michal Zalewski (Jun 06)
- Re: nonsuid overflows... still at risk? KF (Jun 06)
- Re: nonsuid overflows... still at risk? Michal Zalewski (Jun 06)
- Re: nonsuid overflows... still at risk? KF (Jun 06)
- crontab and sgid (was: nonsuid overflows... still at risk?) Tomasz Grabowski (Jun 07)
- Re: nonsuid overflows... still at risk? KF (Jun 06)