Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 6 Apr 2018 10:35:33 +0200
From: Sebastian Krahmer <half.linked.list@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Privsec vuln in beep / Code execution in GNU patch

Hi

 : 
> 
> If anyone knows the background of this please share it.

lulz. There is indeed a double free of console_device,
if a SIGINT is caught right before main() returns.
(Looking at git dbf0b4). Besides the easter egg, the patch
is still wrong. optarg may be reused via console_device, so the strdup()
is OK, but the ressource-free and signal handling isnt.

Shouts to the beep trolls. I strongly challenge the oppinion that security
is better done without it ...

Brave Knights who found issues in such small code base.

lg
-s


-- 

~
~ perl <-> $_='print"\$_=\47$_\47;eval"';eval
~ bash <-> $(curl stealth.openwall.net/null/nuts.txt)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ