Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 27 Oct 2014 20:18:00 +0100
From: Jakub Wilk <jwilk@...lk.net>
To: oss-security@...ts.openwall.com
Subject: Re: Re: strings / libbfd crasher

* Michal Zalewski <lcamtuf@...edump.cx>, 2014-10-27, 11:59:
>Well, there's also a trivial stack buffer overflow in srec.c near line 
>254:
>
>      char buf[10];
>...
>        sprintf (buf, "\\%03o", (unsigned int) c);
>
>But with this test case, c will be -44, or "\1777777777777777777724",

More likely "\37777777724"...

>which sounds a lot longer than 9 characters.

...which is still longer than 9.

-- 
Jakub Wilk

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ