[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#183312: xbase-clients: Buffer overflow in "xman"



On Mon, Mar 03, 2003 at 04:19:48PM -0500, Benjamin A.Okopnik wrote:
> I was just trying to demonstrate something that used to be an old security
> hole, the "MANPATH" overflow on "xman" - and it segfaulted out on me. A
> little testing shows the boundary:
> 
> ben@Fenrir:~$ perl -we'$a = "a" x 8192; `MANPATH=$a xman`'
> Xman Error: No manual pages found.
> ben@Fenrir:~$ perl -we'$a = "a" x 8193; `MANPATH=$a xman`'
> Segmentation fault
> 
> I guess it somehow got "unfixed"...

FYI, I cannot reproduce this problem on PowerPC:

[0] branden@redwald:~ % perl -we'$a = "a" x 8192; `MANPATH=$a xman`'
Xman Error: No manual pages found.
[0] branden@redwald:~ % perl -we'$a = "a" x 8193; `MANPATH=$a xman`'
Xman Error: No manual pages found.
[0] branden@redwald:~ % perl -we'$a = "a" x 8194; `MANPATH=$a xman`'
[0] branden@redwald:~ % uname -a
Linux redwald 2.4.19-powerpc #1 Mon Sep 9 09:01:43 EDT 2002 ppc unknown unknown GNU/Linux

-- 
G. Branden Robinson                |    One man's theology is another man's
Debian GNU/Linux                   |    belly laugh.
branden@debian.org                 |    -- Robert Heinlein
http://people.debian.org/~branden/ |

Attachment: pgpxo6bm7Efdc.pgp
Description: PGP signature


Reply to: