retitle 260856 xbase-clients: [xconsole] possible buffer overrun due to unchecked return from read()
tag 260856 + upstream
thanks

On Thu, Jul 22, 2004 at 05:22:26PM +0200, Tommy Pettersson wrote:
> Well, I do not know for sure that this error ever happens, but it looks
> like it could, and then will have some bad implications.
>
> Sometimes I get screwed up lines in xconsole that are not in any of the
> /var/foolog files. I hope this patch will fix that. It is just trial
> and error, but the code I found looks so wrong that I decided to send in
> the patch anyway.
>
> In inputReady() there is a test on the returned value from read(), and a
> code block that is executed on error. There is a path through that block
> where the function may continue with inappropriate values, in the worst
> case indexing outside an array on the stack.
[snip]

Thanks for filing this report.

For the record, I don't regard this as a security problem because Debian
doesn't ship xconsole setuid or setgid. (I'm saying this for the benefit
of the bug logs, not as some sort of reproach.)

Thanks again!

-- 
G. Branden Robinson                |    When we call others dogmatic, what
Debian GNU/Linux                   |    we really object to is their
branden@debian.org                 |    holding dogmas that are different
http://people.debian.org/~branden/ |    from our own.   -- Charles Issawi
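The bug class described in the quoted report, as an added example that is not xconsole's code and not part of the original message: an error block after read() that does not return lets n == -1 reach the store that terminates the buffer. The names `flawed_terminator_index` and `read_chunk`, the buffer size and the sample line are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>

#define BUFSZ 1024   /* assumed size, not taken from xconsole */

/* Flawed pattern: the error block handles the failure but does not return,
 * so n == -1 reaches the terminator store. Returns the index that store
 * would use; the store itself is omitted to keep the demo well-defined. */
static long flawed_terminator_index(int fd)
{
    char buf[BUFSZ + 1];
    ssize_t n = read(fd, buf, BUFSZ);
    if (n <= 0) {
        /* error reported here, but no return: control falls through */
    }
    return (long)n;   /* buf[n] = '\0' at this point would write buf[-1] */
}

/* Hardened pattern: every failing result leaves before buf is indexed.
 * Returns bytes read (buf NUL-terminated), 0 on EOF, -1 on error. */
static ssize_t read_chunk(int fd, char *buf, size_t cap)
{
    ssize_t n;
    if (cap == 0) return -1;
    do {
        n = read(fd, buf, cap - 1);
    } while (n < 0 && errno == EINTR);   /* retry interrupted reads */
    if (n < 0) {
        buf[0] = '\0';
        return -1;
    }
    buf[n] = '\0';                       /* 0 <= n <= cap - 1 here */
    return n;
}

int main(void)
{
    static const char sample[] = "constructed log line\n";
    char buf[BUFSZ + 1];
    int p[2];
    if (pipe(p) != 0) return 1;
    if (write(p[1], sample, sizeof sample - 1) < 0) return 1;
    printf("open fd, hardened: %zd bytes\n", read_chunk(p[0], buf, sizeof buf));
    close(p[0]); close(p[1]);
    printf("closed fd, flawed index: %ld\n", flawed_terminator_index(p[0]));
    printf("closed fd, hardened: %zd\n", read_chunk(p[0], buf, sizeof buf));
    return 0;
}
```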