I reviewed servicelog git version 4cb0d4987ad00d4b0d5359ddb495fd20fcd7e01a; this shouldn't be considered a full security audit.
- main() in log_repair_action.c doesn't check fread() error returns, a zero return could cause out-of-buffer write
- main() in log_repair_action.c doesn't check strdup() error returns
- main() in log_repair_action.c uses popen("date ..."), is this ever called from other programs? It's fine if it's just for administrators, but if other tools can use it, it ought to be fixed.

Cases of "assuming the error":
- main() in log_repair_action.c, stat() error can happen for more reasons than just ENOENT
- main() in log_repair_action.c, S_IXUSR test does not match execve() tests

Slightly odd:
- main() in log_repair_action.c suggests to mail support when a wrong option is provided, rather than just print the usage.

Thanks

-- 
https://bugs.launchpad.net/bugs/1417608
Title: [MIR] ppc64-diag needed in minimal for hotplug capabilities
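
An added illustration of the fread(), stat() and S_IXUSR findings in the review above; it is not servicelog's code and not part of the original comment. The helper names read_line_checked and check_executable are hypothetical, and /bin/sh is only an assumed default argument.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: read up to cap-1 bytes, NUL-terminate, drop one
 * trailing newline. Returns the length kept, or -1 on error or empty read. */
long read_line_checked(FILE *fp, char *buf, size_t cap)
{
    if (fp == NULL || buf == NULL || cap == 0)
        return -1;
    size_t n = fread(buf, 1, cap - 1, fp);
    if (n == 0) {            /* error or EOF: buf[n - 1] would be buf[-1] */
        buf[0] = '\0';
        return -1;
    }
    buf[n] = '\0';
    if (buf[n - 1] == '\n')
        buf[--n] = '\0';
    return (long)n;
}

/* Hypothetical helper: 0 if path is a regular file the process may execute,
 * otherwise a negative errno so the caller can tell "missing" from the rest. */
int check_executable(const char *path)
{
    struct stat sb;
    if (stat(path, &sb) != 0)
        return -errno;       /* ENOENT, ENOTDIR, EACCES, ELOOP, ... stay distinct */
    if (!S_ISREG(sb.st_mode))
        return -EACCES;
    /* Ask the kernel with the effective IDs instead of testing S_IXUSR, which
     * only describes the owner. execve() itself remains the final check. */
    if (faccessat(AT_FDCWD, path, X_OK, AT_EACCESS) != 0)
        return -errno;
    return 0;
}

int main(int argc, char **argv)
{
    int rc = check_executable(argc > 1 ? argv[1] : "/bin/sh");
    printf("check_executable: %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```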