
Re: Bug#405876: Subject: gxine: segfault on startup with long HOME dir



Hi Darren,

On Sun, Jan 07, 2007 at 03:24:49AM +0000, Darren Salt wrote:
> I demand that Florian Grunow may or may not have written...

> > Debian gxine uses the HOME environment variable without proper bounds
> > checking in version 0.5.8. This results in a buffer overflow when the HOME
> > environment variable is longer than or equal to 242. It is possible to
> > execute code, which doesn't seem to be the case in version 0.5.9. Version
> > 0.5.9 (not tested as .deb, built from source) simply segfaults.

> Actually, any filename >= 108 characters long is too long anyway (due to the
> size of the sun_path field in struct sockaddr_un). This is now tested for in
> what should soon become 0.5.10.

> The patch is here:
> <URL:http://zap.tartarus.org/~ds/hg/gxine/?cmd=changeset;node=f3496e5e172f;style=gitweb>

> I'll prepare a 0.5.8 update with this patch, but I'd like to know (from an
> RM's point of view) which of the patches in the existing 0.5.8-2 should make
> it into etch. I'd like to include, at least, the patches for the locking bugs
> (-release CC'ed for this reason).

Why does the diff for -2 in the archive enable watchdog code?  This sounds
like a new feature, not a bugfix, and one that hasn't previously been tested
in Debian.  I don't think such a change should be made during the freeze.

Thanks,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/
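
The length check discussed in the quoted message, as an added example that is not part of this mail and is not the gxine patch linked above: a path derived from HOME is formatted into `sun_path` with a bounded write and rejected when it does not fit. The socket file name and the function name `build_socket_addr` are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Hypothetical socket location under HOME; not taken from the gxine source. */
#define SOCKET_SUFFIX "/.gxine/socket"

/* Fill *addr with <home>/.gxine/socket.
 * Returns 0 on success, or -1 with errno set when home is missing or the
 * resulting path (plus its terminating NUL) does not fit in sun_path. */
int build_socket_addr(const char *home, struct sockaddr_un *addr)
{
    if (home == NULL || home[0] == '\0') {
        errno = EINVAL;
        return -1;
    }
    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;

    /* snprintf never writes past the size it is given and returns the
     * length the full string would have had, so truncation is detectable. */
    int n = snprintf(addr->sun_path, sizeof(addr->sun_path),
                     "%s%s", home, SOCKET_SUFFIX);
    if (n < 0 || (size_t)n >= sizeof(addr->sun_path)) {
        addr->sun_path[0] = '\0';   /* do not leave a truncated path behind */
        errno = ENAMETOOLONG;
        return -1;
    }
    return 0;
}

int main(void)
{
    struct sockaddr_un addr;

    /* HOME is attacker-influenced input: refuse it instead of copying blindly. */
    if (build_socket_addr(getenv("HOME"), &addr) != 0) {
        perror("socket path");
        return 1;
    }
    printf("socket path: %s\n", addr.sun_path);
    return 0;
}
```

The limit is taken from `sizeof(addr->sun_path)` rather than a literal, since the field size differs between platforms.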


