[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: tiny buffer overflow in 'stat' (4.5.3)
From: |
Jim Meyering |
Subject: |
Re: tiny buffer overflow in 'stat' (4.5.3) |
Date: |
Wed, 27 Aug 2003 11:06:28 +0200 |
Tommi Kyntola <address@hidden> wrote:
> It appears that stat source function print_it (stat.c:574) can be tricked
> into performing a strchr (and after that either an fputs or worse with %
> manipulation) beyond the terminator in the string received from
> char *format = strdup (masterformat);
>
> This happens whenever the given --format ends in '%'.
...
> --- coreutils-4.5.3-vanilla/src/stat.c 2002-09-22 09:48:28.000000000 +0300
> +++ coreutils-4.5.3-statfix/src/stat.c 2003-08-26 16:23:50.097650304 +0300
...
Thank you very much.
I've applied your patch.
FYI, the latest is coreutils-5.0.90:
ftp://alpha.gnu.org/gnu/coreutils/coreutils-5.0.90.tar.bz2
Even newer sources (including your fix) are available here:
http://savannah.gnu.org/projects/coreutils/