reassign 441355 libc6 thanks Rich Felker a écrit : > On Sun, Sep 09, 2007 at 09:33:43PM +0200, Aurelien Jarno wrote: >>> The bug can cause crashes in any program using the system regex >>> routines and could in principle be used for DoS attacks if a >>> less-privileged user is able to provide regular expressions to a >>> more-privileged process. >> Do you have an example of such claim? I have been unable to reproduce >> the problem when the regex routines are called correctly. > > Perhaps other applications also call it incorrectly? I noticed the > problem first with regex searches in the pager 'less' but found grep > an easier test-case to reproduce it with. As far as I know less calls > the regex routines with the standard posix api and not the gnu one, > but I may be mistaken. >
I have finally been able to reproduce the problem with a simple C code. I am reassigning this bug back to libc6 until I correctly understand the problem. -- .''`. Aurelien Jarno | GPG: 1024D/F1BCDB73 : :' : Debian developer | Electrical Engineer `. `' [EMAIL PROTECTED] | [EMAIL PROTECTED] `- people.debian.org/~aurel32 | www.aurel32.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
