Date: Fri, 6 Apr 2018 10:35:33 +0200 From: Sebastian Krahmer <half.linked.list@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Privsec vuln in beep / Code execution in GNU patch Hi : > > If anyone knows the background of this please share it. lulz. There is indeed a double free of console_device, if a SIGINT is caught right before main() returns. (Looking at git dbf0b4). Besides the easter egg, the patch is still wrong. optarg may be reused via console_device, so the strdup() is OK, but the ressource-free and signal handling isnt. Shouts to the beep trolls. I strongly challenge the oppinion that security is better done without it ... Brave Knights who found issues in such small code base. lg -s -- ~ ~ perl <-> $_='print"\$_=\47$_\47;eval"';eval ~ bash <-> $(curl stealth.openwall.net/null/nuts.txt)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ