
Bug#233678: apt: Buffer length not checked: SysList[GlobalListLen]



Package: apt
Version: 0.5.21
Severity: normal

On line 31 of .../apt-pkg/pkgsystem.cc, the constructor
uses SysList[GlobalListLen] and increments
GlobalListLen++;
on the next line, without checking to see if GlobalListLen
is too big for the buffer (SysList[10], defined a few lines above).

I don't think this is a security problem, but it ought to be
cleaned up.


-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "i386";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::userstatus "status.user";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::dpkg "/usr/bin/dpkg";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";

-- (no /etc/apt/preferences present) --


-- /etc/apt/sources.list --


deb ftp://ftp.uk.debian.org/debian/ testing main non-free contrib
deb-src ftp://ftp.uk.debian.org/debian/ testing main non-free contrib
# deb http://mirror.ox.ac.uk/debian testing main contrib non-free
# deb-src http://mirror.ox.ac.uk/debian testing main contrib non-free
deb http://mirror.ox.ac.uk/debian-non-US testing/non-US main contrib non-free
deb-src http://mirror.ox.ac.uk/debian-non-US testing/non-US main contrib non-free
# deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free
# deb-src http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free

# deb http://mirrors.kernel.org/debian/ testing main non-free contrib
# deb-src http://mirrors.kernel.org/debian/ testing main non-free contrib

deb http://security.debian.org/ testing/updates main contrib non-free

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux gpk 2.4.23 #2 Sun Dec 7 11:46:58 GMT 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages apt depends on:
ii  libc6                      2.3.2.ds1-11  GNU C Library: Shared libraries an
ii  libgcc1                    1:3.3.3-0pre3 GCC support library
ii  libstdc++5                 1:3.3.3-0pre3 The GNU Standard C++ Library v3

-- no debconf information
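
The unchecked write described in the report, next to a bounds-checked form, as an added example (not part of the original report and not apt's source). SysList, GlobalListLen and the capacity of 10 come from the report; the System class, SysListMax, Owned and RegisterSystems are hypothetical names, and throwing std::length_error is one assumed way to reject a registration that does not fit.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <stdexcept>
#include <vector>

// Simplified model of a self-registering class (hypothetical, not apt code).
class System;
static const std::size_t SysListMax = 10;   // buffer size quoted in the report
static System *SysList[SysListMax];
static std::size_t GlobalListLen = 0;

class System {
public:
    System() {
        // Pattern from the report, left as a comment because the eleventh
        // instance would write past the end of SysList:
        //     SysList[GlobalListLen] = this;
        //     GlobalListLen++;
        // Checked form: validate the index before it is used.
        if (GlobalListLen >= SysListMax)
            throw std::length_error("SysList is full");
        SysList[GlobalListLen] = this;
        GlobalListLen++;
    }
};

// Keeps registered instances alive so the pointers in SysList stay valid.
static std::vector<std::unique_ptr<System>> Owned;

// Tries to construct `count` instances; returns how many were registered
// before the table rejected one.
std::size_t RegisterSystems(std::size_t count) {
    std::size_t ok = 0;
    for (std::size_t i = 0; i < count; ++i) {
        try {
            Owned.push_back(std::unique_ptr<System>(new System()));
            ++ok;
        } catch (const std::length_error &) {
            break;   // table full: nothing was written out of bounds
        }
    }
    return ok;
}

int main() {
    std::printf("registered %zu of 12\n", RegisterSystems(12));
    return 0;
}
```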



