Bug#264453: [Pkg-firebird-general] Bug#264453: Very likely not exploitable

2005-10-31 Thread marius popa
Damyan Ivanov wrote: Short story: I think that this is unexploitable. I think we could hunt this kind of bug with code checkers (like flawfinder) gds.cpp:960: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning,

Bug#264453: [Pkg-firebird-general] Bug#264453: Very likely not exploitable

2005-10-31 Thread Damyan Ivanov
tags 264453 - security tags 264453 + fixed-upstream thanks Florian Weimer wrote: > * Damyan Ivanov: > >>If you have no objections, I intend to close the bug report. Or should it be >>tagged "wontfix" and security tag removed? > > Either way is fine with me. If the underlying problem -- passing >

Bug#264453: [Pkg-firebird-general] Bug#264453: Very likely not exploitable

2005-10-31 Thread Florian Weimer
* Damyan Ivanov: > If you have no objections, I intend to close the bug report. Or should it be > tagged "wontfix" and security tag removed? Either way is fine with me. If the underlying problem -- passing around buffer addresses without the corresponding length -- is tracked somewhere else (mayb

Bug#264453: [Pkg-firebird-general] Bug#264453: Very likely not exploitable

2005-10-31 Thread Damyan Ivanov
Short story: I think that this is unexploitable. Florian Weimer wrote: > * Damyan Ivanov: > > >> So I decided to check whether fb_lock_mgr actually uses this source. It >> seems to be linked with jrd statically. (From what I see in the makefile >> spaghetti) > > > This is only a problem if i

Bug#264453: [Pkg-firebird-general] Bug#264453: Very likely not exploitable

2005-10-31 Thread Florian Weimer
* Damyan Ivanov: > So I decided to check whether fb_lock_mgr actually uses this source. It seems > to be linked with jrd statically. (From what I see in the makefile spaghetti) This is only a problem if it also invokes setlocale, to activate the localized message files. > So, what is the code, t

Bug#264453: [Pkg-firebird-general] Bug#264453: Very likely not exploitable

2005-10-31 Thread Damyan Ivanov
Florian Weimer wrote: > I agree that this is a horrible coding style, but it's unlikely that > it's exploitable. As far as I can tell, the situation is as follows: Thank you very much for looking at this bug. I agree with your reasoning. However, there is a possibility for the local admin to give f

Bug#264453: Very likely not exploitable

2005-10-30 Thread Florian Weimer
I agree that this is a horrible coding style, but it's unlikely that it's exploitable. As far as I can tell, the situation is as follows: * An attacker must change the system's error messages. * This is only possible by setting LC_MESSAGES to a specially crafted locale file. * This in tu
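The two points Florian Weimer makes in this thread, that the underlying defect is "passing around buffer addresses without the corresponding length", and that a crafted message catalog only reaches the strcpy if the process has activated localized messages via setlocale, can be shown side by side in a small C program. This is an added illustration, not Firebird code and not the gds.cpp:960 site itself: lookup_message, format_error_unsafe, format_error_safe, message_truncated and current_messages_locale are hypothetical names, and the catalog is a constructed stand-in whose entry 2 plays the role of the oversized attacker-supplied message.

```c
#include <locale.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a message catalog lookup.  The catalog is
 * the piece an attacker would have to control (via a crafted LC_MESSAGES
 * locale file); entry 2 is a constructed oversized message that plays
 * that role.  Not Firebird code. */
static const char *lookup_message(int code)
{
    static char crafted[128];
    switch (code) {
    case 0: return "operation completed";
    case 1: return "file not found";
    case 2:
        /* 127 bytes of 'A', far longer than the 16-byte buffers below. */
        memset(crafted, 'A', sizeof crafted - 1);
        crafted[sizeof crafted - 1] = '\0';
        return crafted;
    default: return "unknown error";
    }
}

/* The pattern flawfinder reports as "[4] (buffer) strcpy": the callee
 * receives a buffer address but no length and trusts the catalog to be
 * short.  Shown for contrast only; never call it with an untrusted
 * catalog entry (code 2 here would overflow any small dst). */
void format_error_unsafe(char *dst, int code)
{
    strcpy(dst, lookup_message(code));
}

/* Hardened form: the length travels with the address.  Copies at most
 * dst_size-1 bytes, always NUL-terminates when dst_size > 0, and returns
 * the length the full message needed (snprintf convention) so the caller
 * can detect truncation instead of silently losing it. */
size_t format_error_safe(char *dst, size_t dst_size, int code)
{
    const char *msg = lookup_message(code);
    size_t need = strlen(msg);
    if (dst_size == 0)
        return need;
    size_t n = need < dst_size - 1 ? need : dst_size - 1;
    memcpy(dst, msg, n);
    dst[n] = '\0';
    return need;
}

/* True when format_error_safe had to cut the message short. */
int message_truncated(size_t needed, size_t dst_size)
{
    return needed >= dst_size;
}

/* Weimer's precondition: localized messages only come into play if the
 * program has called setlocale() so that LC_MESSAGES from the environment
 * is honoured.  A process that never calls setlocale stays in the "C"
 * locale whatever LC_MESSAGES says. */
const char *current_messages_locale(void)
{
    return setlocale(LC_MESSAGES, NULL);
}

int main(void)
{
    char buf[16];
    printf("messages locale before setlocale(): %s\n", current_messages_locale());

    size_t need = format_error_safe(buf, sizeof buf, 1);
    printf("code 1 -> \"%s\" (needed %zu, truncated=%d)\n",
           buf, need, message_truncated(need, sizeof buf));

    need = format_error_safe(buf, sizeof buf, 2);
    printf("code 2 -> \"%s\" (needed %zu, truncated=%d)\n",
           buf, need, message_truncated(need, sizeof buf));

    /* Now honour the environment; with LC_MESSAGES pointing at a custom
     * locale, this is the point at which attacker-supplied catalogs
     * would be selected. */
    setlocale(LC_MESSAGES, "");
    printf("messages locale after setlocale(LC_MESSAGES, \"\"): %s\n",
           current_messages_locale());
    return 0;
}
```

The safe variant returns the needed length rather than failing silently, so a caller that sees `message_truncated()` true can log and bail out; whether a truncated error text is acceptable is a policy decision the callee should not make on its own. The locale check is the cheap first question to ask when triaging a report like this one: if the binary never calls setlocale, the environment-supplied catalog is never consulted.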