Bug#68433: Buffer overflow

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#68433: Buffer overflow
From: Edward Betts <edward@debian.org>
Date: Wed, 2 Aug 2000 22:12:14 +0100
Message-id: <[🔎] 20000802221214.A13293@wb010.wav1.uea.ac.uk>
Reply-to: Edward Betts <edward@debian.org>, 68433@bugs.debian.org

Package: xwpe
Version: 1.5.22a-1
Severity: normal

When I run xwpe like this and select the option to display a man page from the
help menu.

$ MANPATH=`perl -e 'print "a" x 4000'` xwpe 
Xwpe: unexpected signal 11, exiting ...

Error-Exit!   Code: 1!
$ 

The bug is in we_fl_unix.c:

3539:   char            sustr[250], subpath[250], manpath[250];

3545:  manpath[0] = '\0';
3546:  if(getenv("MANPATH"))
3547:    strcpy(manpath, getenv("MANPATH"));
3548:  if(manpath[0] == '\0')
3549:    strcpy(manpath, "/usr/man:/usr/share/man:/usr/X11R6/man:/usr/local/man");

-- System Information
Debian Release: woody
Architecture: i386
Kernel: Linux wb010 2.2.16pre4 #2 Tue May 23 00:25:59 BST 2000 i586

-- 
Don't worry  --  shop.

Reply to:

Prev by Date: Bug#68418: FWD: [ Hackerslab bug_paper ] ntop web mode vulnerabliity
Next by Date: sourceforge
Previous by thread: Bug#68418: FWD: [ Hackerslab bug_paper ] ntop web mode vulnerabliity
Next by thread: sourceforge
Index(es):
- Date
- Thread