On Sat, Sep 30, 2006 at 05:48:38PM +0800, Andrew Lee wrote:
> 
> > shouldn't segv anyway - just checking format and refusing to use it if 
> > incompat. Being able to segv it is bad anyway, and possibly a sec. hole.
> 
> Please forward information if you find a proof it is a sec. hole.

I don't have proofs, nor time/will to dig the matter. The basic fact is that
if it segv it's not checking input data sufficiently, which means that
a tainted dict might be uploaded at usual URLs for stardict's users to grab
and install. Now, if uploader found the bug is exploitable, such users
*might* find themselves running a trojan while enquiring the dict.

> I don't think it's a bug of stardict package in sarge, the package comes
> with the limited formats support from upstream, you should use the
> supported dictionary with it.

it should know its acceptable format and bail out cleanly - or better, warn
and ignore - on wrong ones. Stumbling badly on a wrong/different 
format/version is always a bad bug on the app side.
 
> I'd suggest the unofficial dictionary package maintainer to make it
> depend on the right version of stardict, could you please forward it to the
> unofficial package maintainer?

sure

thanks
-- paolo

