On 04/05/14 20:00, Alan Fisher wrote:

> In this example, when 'route' is run with the fourth argument
> (0123456789abcdef) >= 16 characters, a buffer overrun occurs.
> 
>  # route add -6 default 0123456789abcdef

It seems that all parameters are exposed to buffer overflows:

$ ./route add -6 $(perl -e 'print "a"x128') foo
*** buffer overflow detected ***: ./route terminated

The code is using strcpy, I will produce a patch for this, but I'd
strongly recommend you to use iproute instead.

Thanks for reporting!
-- 
Martín Ferrari (Tincho)
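
The strcpy problem discussed in this message, as an added example that is not part of the original e-mail and not the route source code: a bounded copy that rejects an over-long command-line argument instead of overrunning the buffer or silently truncating it. The 16-byte buffer size (inferred from the ">= 16 characters" report) and the names copy_arg and ARG_BUF_LEN are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size: a 16-character argument overruns, which is consistent
 * with a 16-byte destination (15 characters plus the NUL). */
#define ARG_BUF_LEN 16

/* Copy src into dst only if it fits, including the terminating NUL.
 * Returns 0 on success, -1 if the argument is missing or too long; on
 * failure dst is left as an empty string. Rejecting rather than
 * truncating matters here: a shortened host or interface name could
 * refer to a different target than the one the operator typed. */
int copy_arg(char *dst, size_t dstsize, const char *src)
{
    const char *end;
    size_t len;

    if (dst == NULL || dstsize == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;

    /* Look for the NUL within the first dstsize bytes only. */
    end = memchr(src, '\0', dstsize);
    if (end == NULL)
        return -1;              /* would not fit together with the NUL */

    len = (size_t)(end - src);
    memcpy(dst, src, len + 1);  /* len + 1 <= dstsize is guaranteed here */
    return 0;
}

int main(void)
{
    /* Constructed inputs: a normal keyword, a 15-character argument,
     * and the 16-character argument from the report. */
    const char *samples[] = { "default", "0123456789abcde", "0123456789abcdef" };
    char buf[ARG_BUF_LEN];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = copy_arg(buf, sizeof buf, samples[i]);
        printf("%-18s -> %s\n", samples[i],
               rc == 0 ? "accepted" : "rejected: argument too long");
    }
    return 0;
}
```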

