[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #40088] potential buffer overflow in -execdir and -okdir

From: James Youngman
Subject: [bug #40088] potential buffer overflow in -execdir and -okdir
Date: Sun, 22 Sep 2013 20:24:46 +0000
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.76 Safari/537.36


                 Summary: potential buffer overflow in -execdir and -okdir
                 Project: findutils
            Submitted by: jay
            Submitted on: Sun 22 Sep 2013 20:24:45 GMT
                Category: find
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: jay
         Originator Name: Dmitry V. Levin
        Originator Email: address@hidden
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 4.5.11
           Fixed Release: None



Dmitry already supplied a patch, described thus:

* lib/buildcmd.c (bc_push_arg): Take prefix length into account
to avoid state->argbuf overflow.
* NEWS: Mention this fix.

It would be a security issue if one could control factors triggering this bug,
which include a directory with thousands of files.

The full patch is attached.


File Attachments:

Date: Sun 22 Sep 2013 20:24:45 GMT  Name: 0.txt  Size: 5kB   By: jay



Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]