Date: Thu, 13 Oct 2005 21:30:27 GMT From: Nate Eldredge <nge@cs.hmc.edu> To: freebsd-bugs@FreeBSD.org Subject: Re: gnu/45168: Buffer overflow in /usr/bin/dialog Message-ID: <200510132130.j9DLURLA071293@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR gnu/45168; it has been noted by GNATS. From: Nate Eldredge <nge@cs.hmc.edu> To: bug-followup@FreeBSD.org, saturnero@freesbie.org Cc: daveb@optusnet.com.au, freebsd-current@cs.hmc.edu Subject: Re: gnu/45168: Buffer overflow in /usr/bin/dialog Date: Thu, 13 Oct 2005 14:29:43 -0700 (PDT) libdialog appears to be brimming with bugs of this sort. Lots of uses of strcpy / strcat. It probably needs a complete audit. Ideally there should be no MAX_LEN and everything dynamically allocated. I hope to god it is never run by anything with elevated privileges. -- Nate Eldredge nge@cs.hmc.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510132130.j9DLURLA071293>