[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Potential Format String Vulnerability

From: Thomas Dickey
Subject: Re: Potential Format String Vulnerability
Date: Fri, 13 Jul 2012 15:56:05 -0400
User-agent: Mutt/1.5.18 (2008-05-17)

On Fri, Jul 13, 2012 at 03:59:52PM +0100, Armin Ronacher wrote:
> Hi,
> The terminfo files contain format strings in some places and you can get
> ncurses to segfault if you change them around.  Before invoking tparm, there
> should be some check that the format string is of the correct format because
> you can definitely get apps to segfault this way.

You'll have to be more specific: without changing the scope of the library
(for instance, to catch SIGBUS), there's checks for non-null pointers
that barring a bug-report are performing the in-scope checks needed.

For what it's worth, someone can always do something like

       tparm((char *)123);

and get a core dump

Thomas E. Dickey <address@hidden>

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]