Re: Bad input checking - a bug?
* Al Nikolov <al@iac.spb.ru> [050413 17:36]:
> Please consult me. A bad checking of "unexpected" command-line arguments
> causing segmentation fault - is that behaviour must be counted as a
> grave/normal/minor bug?
I'd suggest:
- bad checking -> minor or normal, depending what "unexpected" means.
- same causing segfault -> normal (segfaults are never minor in my eyes)
- causing segfault in a way that could be exploitable and the arguments
are normaly supplied by something the user has no control over (like
it may be normal your browser calls it with arguments coming from the
net in a way to provoke this) -> grave and tag it security.
- causing segfault in a way that could be exploitable and the arguments
are not from the same user/group the program is running as. (Like
a suid/sgid-binary, being normaly called from a cgi with the
arguments coming from the net [I hope nothing does so stupid things,
as it is hard to do so without additional holes] in a way to trigger
this and so on -> critical and tag in security
Hochachtungsvoll,
Bernhard R. Link
Reply to: