[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Tiger-devel] Tiger-3.1 Buffer Overflow bug

From: Javier Fernández-Sanguino Peña
Subject: Re: [Tiger-devel] Tiger-3.1 Buffer Overflow bug
Date: Tue, 22 Apr 2003 00:51:55 +0200
User-agent: Mutt/1.5.3i

On Mon, Apr 21, 2003 at 03:26:00PM -0700, Steve G wrote:
> Hello,
> Recently I ran across a bug in the 3.1 version of Tiger. It
> has a program realpath.c that is crashing on my stack
> smashing protection software. It has 2 issues. 1)
> is 4096 by definition on Linux 2.4. The program has some
> buffers that are on 1025 in size. They should be scaled off
> of MAXPATHLEN instead of a magic number.
> Also (2), the realpath function is in glibc, but with a
> different argument count. This causes problems for libsafe.
> The function should either be static or renamed to
> my_realpath() to avoid problems.

I will check both of these issues tomorrow (off to sleep now). The second 
one is easy to solve as for the first one I will take a look and fix it in 
the CVS too.

> I've attached an updated copy for your review.

Ok. Will look.

> I use Red Hat 9, and I also see all kinds of shell script
> errors in check_accounts, has anyone else reported this?
> Lines 136, 195, 317. (:-lt: unary operator expected).

This seems to be a problem with Tiger_Accounts_Trust not defined which is 
strange since I added code in case it was not defined in tigerrc. I have 
not encountered this myself. I have taken a look at the code and probably 
it needs to be improved setting Tiger_Accounts_Trust to -1 at the beginning 
of the script if it's not defined. Will check and fix too.

Thank you for your information, will keep you up2date on this.



Attachment: pgpMumxaFnsnN.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]