[BusyBox 0001520]: Incorrect usage of strncat in coreutils/stat.c

bugs at busybox.net
Thu Oct 4 07:19:49 UTC 2007


The following issue has been SUBMITTED. 
====================================================================== 
http://busybox.net/bugs/view.php?id=1520 
====================================================================== 
Reported By:                d3z
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   1520
Category:                   Security
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             10-04-2007 00:19 PDT
Last Modified:              10-04-2007 00:19 PDT
====================================================================== 
Summary:                    Incorrect usage of strncat in coreutils/stat.c
Description: 
coreutils/stat.c contains numerous instances of 'strncat' that are
incorrect.

  strncat(pformat, "s", buf_len);

should instead read something like:

  strncat(pformat, "s", buf_len-strlen(pformat)-1);

This could cause a buffer overflow if the buffer size computations were
incorrect.
====================================================================== 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
10-04-07 00:19  d3z            New Issue                                    
10-04-07 00:19  d3z            Status                   new => assigned     
10-04-07 00:19  d3z            Assigned To               => BusyBox         
======================================================================
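
The difference between the two calls in the description, as an added example that is not part of the original report or of BusyBox's code: the third argument of `strncat` limits how many bytes are taken from the source, not the size of the destination, and a terminating NUL is always written on top of that. `strncat_end` and `append_bounded` are hypothetical helpers, and the 8-byte buffer and its contents are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* One past the last byte strncat(dst, src, n) writes, counted from dst[0]:
 * existing text + at most n bytes of src + the NUL it always appends. */
static size_t strncat_end(const char *dst, const char *src, size_t n)
{
    size_t add = strlen(src);
    if (add > n)
        add = n;
    return strlen(dst) + add + 1;
}

/* Hypothetical helper: append src to dst without writing past dst[size-1].
 * Returns 0 if all of src fit, -1 if it was truncated or dst had no NUL. */
static int append_bounded(char *dst, size_t size, const char *src)
{
    const char *nul = memchr(dst, '\0', size);
    if (nul == NULL)
        return -1;                       /* unterminated buffer: refuse */
    size_t room = size - (size_t)(nul - dst) - 1;  /* bound from the report */
    strncat(dst, src, room);
    return strlen(src) > room ? -1 : 0;
}

int main(void)
{
    char pformat[8] = "%-10.3";          /* constructed: 6 of 8 bytes used */
    size_t buf_len = sizeof(pformat);

    /* Pattern from the report: n = buf_len does not cap the total length. */
    printf("n = buf_len:       write ends at byte %zu of %zu\n",
           strncat_end(pformat, "lu", buf_len), buf_len);

    /* Suggested bound: n = buf_len - strlen(pformat) - 1. */
    printf("n = remaining - 1: write ends at byte %zu of %zu\n",
           strncat_end(pformat, "lu", buf_len - strlen(pformat) - 1), buf_len);

    int rc = append_bounded(pformat, buf_len, "lu");
    printf("append_bounded -> %d, pformat = \"%s\"\n", rc, pformat);
    return 0;
}
```

With the bounded form the result is truncated instead of overflowing, so a caller building a format string should check the return value before passing the buffer on.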