Debian Bug report logs - #113732
not paranoid enough about device name

Package: gnumach; Maintainer for gnumach is GNU Hurd Maintainers <debian-hurd@lists.debian.org>; Source for gnumach is src:gnumach.

Reported by: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>

Date: Fri, 28 Sep 2001 00:18:01 UTC

Severity: normal

Tags: upstream

Forwarded to https://savannah.gnu.org/bugs/index.php?func=detailitem&item_id=15300

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <bug-hurd@gnu.org>:
Bug#113732; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>:
New Bug report received and forwarded. Copy sent to GNU Hurd Maintainers <bug-hurd@gnu.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
To: submit@bugs.debian.org
Subject: not paranoid enough about device name
Date: Fri, 28 Sep 2001 02:09:08 +0200
Package: gnumach

gnumach device_open is not paranoid enough about the device name.  I haven't
tried it, but I think that having 128 non-digits with no trailing zero will
make gnumach run past the buffer in dev_name_lookup.

Maybe not worth fixing for gnumach (esp as opening a device requires the
device master port anyway).  But it reminds me of the broader issue of the
necessity to audit the code, esp at the borders caused by user supplied
data.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de



Tags added: upstream Request was from Samuel Thibault <samuel.thibault@ens-lyon.org> to control@bugs.debian.org. Full text and rfc822 format available.

Noted your statement that Bug has been forwarded to https://savannah.gnu.org/bugs/index.php?func=detailitem&item_id=15300. Request was from Samuel Thibault <samuel.thibault@ens-lyon.org> to control@bugs.debian.org. Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 22:36:33 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.