|
Vulnerability Development
mailing list archives
Re: TCSH problems?
From: Andreas Forsgren <andreas.forsgren () direct2internet com>
Date: Wed, 6 Jun 2001 20:13:03 +0200 (CEST)
FYI,
[andreasf () andreasf andreasf]$ tcsh
[andreasf () andreasf ~]$ setenv HOME `perl -e 'print "/" x 10000'`
Aborted (core dumped)
[andreasf () andreasf andreasf]$ tcsh -c 'echo $version'
tcsh 6.09.00 (Astron) 1999-08-16 (i386-intel-linux) options 8b,nls,dl,al,rh,color
[andreasf () andreasf andreasf]$ uname -a; cat /etc/redhat-release
Linux andreasf 2.2.14-5.0 #1 Tue Mar 7 21:07:39 EST 2000 i686 unknown
Red Hat Linux release 6.2 (Zoot)
[andreasf () andreasf andreasf]$ gdb /bin/tcsh core
[...]
#3 0x804e084 in strcpy () at ../sysdeps/generic/strcpy.c:30
[...]
Well, a simple s/strcpy/strncpy/g should be enough here to fix this
and other potential buffer overflow problems.
Best regards,
Andreas Forsgren andreas.forsgren () direct2internet com
UNIX Systems Programmer Direct2Internet AB
On Wed, 6 Jun 2001, Felix Kronlage wrote:
On Wed, Jun 06, 2001 at 03:01:01AM -0400, Alex wrote:
setenv HOME `perl -e 'print "/" x 10000'`
cd ~
Is anyone else able to reproduce this? I know the problem itself
has little impact or significance, if any. But, I'm merely curious, so
please humor me. :-)
| [17:21:35] fkr () mad ~ $ tcsh
| mad:fkr {1} setenv HOME `perl -e 'print "/" x 10000'`
| Abort trap (core dumped)
| [17:21:43] fkr () mad ~ $ uname -a
| OpenBSD mad 2.9 GENERIC#6 i386
-fkr
 By Date 
By Thread
Current thread:
- Re: TCSH problems?, (continued)
|
Intro
