Date:      Fri, 14 Mar 2003 04:44:34 -0800
From:      Eivind Eklund <eivind@FreeBSD.org>
To:        Jean-Marc Zucconi <jmz@FreeBSD.org>
Cc:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/lib/libz gzio.c
Message-ID:  <20030314044434.B42430@FreeBSD.org>
In-Reply-To: <200303140147.h2E1l11r023091@repoman.freebsd.org>; from jmz@FreeBSD.org on Thu, Mar 13, 2003 at 05:47:01PM -0800
References:  <200303140147.h2E1l11r023091@repoman.freebsd.org>

On Thu, Mar 13, 2003 at 05:47:01PM -0800, Jean-Marc Zucconi wrote:
> jmz         2003/03/13 17:47:01 PST
> 
>   FreeBSD src repository
> 
>   Modified files:
>     lib/libz             gzio.c 
>   Log:
>   In src/lib/libz/gzio.c the function gzprintf does not check if the
>   amount of bytes (supposed to be) written by vsnprintf exceeds the
>   size of the buffer.
>   
>   PR:             bin/48844
>   Submitted by:   Peter A Jonsson <pj@ludd.luth.se>
>   Obtained from:  OpenBSD
>   MFC after:      1 month

Are we sure this does not have security implications and should be merged
ASAP?  It sounds like a security fix, and one I'd like to have in 4.8 - if
gunzipping files can be exploited, it could turn nasty.

Eivind.
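The commit message above describes a classic defect: vsnprintf returns the number of bytes the formatted output would need, not the number it actually stored, so a caller that hands that return value straight to the write routine tells it to read more bytes than the buffer holds. The following is an added illustration written for this archive page, not the zlib/FreeBSD gzio.c code or the OpenBSD fix; the function names (fmt_unchecked, fmt_checked, overrun_bytes, demo_*), the deliberately small FMT_BUFSIZE, and the two payload strings are all constructed for the example.

```c
/* Added example (not gzio.c): the vsnprintf return-value check the commit
 * describes, shown in isolation.  The unchecked variant reports a length that
 * is not backed by bytes in the buffer; the checked variant refuses instead. */
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

#define FMT_BUFSIZE 64   /* constructed: small so truncation is easy to reach */

/* Constructed inputs: one formats within 64 bytes, the other does not. */
static const char SHORT_PAYLOAD[] = "hello";
static const char LONG_PAYLOAD[]  =                   /* 70 characters */
    "0123456789" "0123456789" "0123456789" "0123456789"
    "0123456789" "0123456789" "0123456789";

/* Unchecked pattern: whatever vsnprintf reports becomes the byte count that
 * would be passed to the write routine, even when it exceeds bufsize. */
static int fmt_unchecked(char *buf, size_t bufsize, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(buf, bufsize, fmt, ap);
    va_end(ap);
    return len;                                  /* may be >= bufsize */
}

/* Checked pattern: reject encoding errors and truncated output rather than
 * reporting a length the buffer does not contain.  Returns -1 on failure,
 * otherwise a length for which every byte in [0, len) really is in buf. */
static int fmt_checked(char *buf, size_t bufsize, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(buf, bufsize, fmt, ap);
    va_end(ap);
    if (len < 0)
        return -1;                               /* vsnprintf itself failed */
    if ((size_t)len >= bufsize)
        return -1;                               /* output was truncated */
    return len;
}

/* Number of bytes a write of `len` bytes from a `bufsize`-byte buffer would
 * read past the buffer's end; 0 when the length is honest. */
static long overrun_bytes(int len, size_t bufsize)
{
    if (len < 0 || (size_t)len <= bufsize)
        return 0;
    return (long)len - (long)bufsize;
}

/* Drivers with a fixed format string so both variants can be compared
 * on the same input without building a va_list by hand. */
static int demo_unchecked(const char *payload)
{
    char buf[FMT_BUFSIZE];
    return fmt_unchecked(buf, sizeof buf, "record=%s\n", payload);
}

static int demo_checked(const char *payload)
{
    char buf[FMT_BUFSIZE];
    return fmt_checked(buf, sizeof buf, "record=%s\n", payload);
}

int main(void)
{
    int u = demo_unchecked(LONG_PAYLOAD);
    printf("unchecked: length %d for a %d-byte buffer, over-read of %ld bytes\n",
           u, FMT_BUFSIZE, overrun_bytes(u, FMT_BUFSIZE));
    printf("checked:   length %d (negative means refused)\n",
           demo_checked(LONG_PAYLOAD));
    printf("short input: unchecked %d, checked %d\n",
           demo_unchecked(SHORT_PAYLOAD), demo_checked(SHORT_PAYLOAD));
    return 0;
}
```

With the 70-character payload the formatted record needs 78 bytes ("record=" plus payload plus newline), so the unchecked variant reports 78 while only 63 characters and a terminator landed in the 64-byte buffer; a write of 78 bytes from that buffer reads 14 bytes past its end. The checked variant returns -1 for that input and 13 for the short one, which is exactly the kind of bound the commit adds before the buffer contents are handed on.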
