On Mon, Mar 03, 2003 at 04:19:48PM -0500, Benjamin A.Okopnik wrote: > I was just trying to demonstrate something that used to be an old security > hole, the "MANPATH" overflow on "xman" - and it segfaulted out on me. A > little testing shows the boundary: > > ben@Fenrir:~$ perl -we'$a = "a" x 8192; `MANPATH=$a xman`' > Xman Error: No manual pages found. > ben@Fenrir:~$ perl -we'$a = "a" x 8193; `MANPATH=$a xman`' > Segmentation fault > > I guess it somehow got "unfixed"... FYI, I cannot reproduce this problem on PowerPC: [0] branden@redwald:~ % perl -we'$a = "a" x 8192; `MANPATH=$a xman`' Xman Error: No manual pages found. [0] branden@redwald:~ % perl -we'$a = "a" x 8193; `MANPATH=$a xman`' Xman Error: No manual pages found. [0] branden@redwald:~ % perl -we'$a = "a" x 8194; `MANPATH=$a xman`' [0] branden@redwald:~ % uname -a Linux redwald 2.4.19-powerpc #1 Mon Sep 9 09:01:43 EDT 2002 ppc unknown unknown GNU/Linux -- G. Branden Robinson | One man's theology is another man's Debian GNU/Linux | belly laugh. branden@debian.org | -- Robert Heinlein http://people.debian.org/~branden/ |
Attachment:
pgplFxmTXit3L.pgp
Description: PGP signature