Vulnerability Development mailing list archives
Re: [Fwd: Help needed with bufferoverflow in cvs]
From: "Crist J. Clark" <crist.clark () attbi com>
Date: Fri, 22 Feb 2002 09:34:00 -0800
On Thu, Feb 21, 2002 at 10:21:05AM -0500, Larry Jones wrote: [snip]
This is 1.10.7-7; do you have the patch for this problem handy?The best fix is to upgrade to a reasonably current release of CVS, which you can get from www.cvshome.org. The current release is 1.11.1p1. If you insist on patching an obsolete version:
Well, if that was his problem, there still appears to be one.
$ cvs -v
Concurrent Versions System (CVS) 1.11.1p1-FreeBSD (client/server)
Copyright (c) 1989-2001 Brian Berliner, david d `zoo' zuhn,
Jeff Polk, and other authors
CVS may be copied only under the terms of the GNU General Public License,
a copy of which can be found with the CVS distribution kit.
Specify the --help option for further information about CVS
Which looks like the current release. This is a FreeBSD 4.5-RELEASE
system, BTW. And I get,
$ cvs -f diff -C111111111111 ip_fw.c
Index: ip_fw.c
===================================================================
RCS file: /export/ncvs/src/sys/netinet/ip_fw.c,v
retrieving revision 1.131.2.31
diff -C111111111111 -r1.131.2.31 ip_fw.c
Segmentation fault (core dumped)
The fault is not at the code you quoted, but I'm seg faulting,
(gdb) run -fq diff -C`perl -e 'print "1" x 11'` /export/current/src/sys/netinet/ip_fw.c
Starting program: /var/tmp/export/stable/src/gnu/usr.bin/cvs/cvs/cvs -fq diff -C`perl -e 'print "1" x 11'`
/export/current/src/sys/netinet/ip_fw.c
Index: /export/current/src/sys/netinet/ip_fw.c
===================================================================
RCS file: /export/ncvs/src/sys/netinet/ip_fw.c,v
retrieving revision 1.181
diff -C11111111111 -r1.181 ip_fw.c
Program received signal SIGSEGV, Segmentation fault.
0x8099b7e in discard_confusing_lines (filevec=0xbfbff38c)
at /export/stable/src/gnu/usr.bin/cvs/libdiff/../../../../contrib/cvs/diff/analyze.c:431
(gdb)
Sorry, I have not looked in to it more closely than this.
--
Crist J. Clark | cjclark () alum mit edu
| cjclark () jhu edu
http://people.freebsd.org/~cjc/ | cjc () freebsd org
Current thread:
- Re: [Fwd: Help needed with bufferoverflow in cvs] Larry Jones (Feb 21)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Tollef Fog Heen (Feb 21)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Larry Jones (Feb 21)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Turbo Fredriksson (Feb 22)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Larry Jones (Feb 22)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Crist J. Clark (Feb 22)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Donald Sharp (Feb 22)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Crist J. Clark (Feb 23)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Larry Jones (Feb 21)
- Re: [Fwd: Help needed with bufferoverflow in cvs] Tollef Fog Heen (Feb 21)