Hi, I'm Hádrien Romero Soria - @Kaiwaiata, I am a 16 year old boy, passionate about computer security, since more than 8h searching and finding various possible vulnerabilities in source code of bash.. I will tell you one vulnerability now, if they treat me well I will tell the other..
foolish or important things? unsafe use of *strcpy():* bash-4.3.tar\bash-4.3\lib\sh\unicode.c: *line 87: *strcpy (charsetbuf, locale); *#* if an attacker manages to take control of *charsetbuf[40];*, may cause a buffer overflow, which would be directed toward *.bss *it's not too dangerous but is a vulnerability. i hope answer, thanks a lot!, HádrienR - kaiwaiata.
