tags 455419 + patch kthxbyeA patch is attached to fix this bug. Note that this is a buffer overflow by its very nature, but it does not appear exploitable. It appears that at worst, the domainname will be empty.
-- brian m. carlson / brian with sandals: Houston, Texas, US +1 713 440 7475 | http://crustytoothpaste.ath.cx/~bmc | My opinion only a typesetting engine: http://crustytoothpaste.ath.cx/~bmc/code/thwack OpenPGP: RSA v4 4096b 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
diff -ur pump.old/pump.c pump-0.8.24/pump.c --- pump.old/pump.c 2007-12-10 02:30:16.000000000 +0000 +++ pump-0.8.24/pump.c 2007-12-10 03:03:10.000000000 +0000 @@ -652,7 +652,7 @@ if (intf[i].set & PUMP_NETINFO_HAS_HOSTNAME) strncpy(cmd.u.status.hostname, intf->hostname, sizeof(cmd.u.status.hostname)); - cmd.u.status.hostname[sizeof(cmd.u.status.hostname)] = '\0'; + cmd.u.status.hostname[sizeof(cmd.u.status.hostname) - 1] = '\0'; if (intf[i].set & PUMP_NETINFO_HAS_DOMAIN) strncpy(cmd.u.status.domain,
signature.asc
Description: Digital signature
