[Bug 439] New: Buffer overrun in runit/svlogd.c when scanning config file
bugzilla at busybox.net
bugzilla at busybox.net
Fri Jul 3 14:41:28 UTC 2009
https://bugs.busybox.net/show_bug.cgi?id=439
Summary: Buffer overrun in runit/svlogd.c when scanning config
file
Product: Busybox
Version: 1.14.x
Platform: PC
OS/Version: Windows
Status: NEW
Severity: major
Priority: P3
Component: Other
AssignedTo: unassigned at busybox.net
ReportedBy: earl_chew at agilent.com
CC: busybox-cvs at busybox.net
Estimated Hours: 0.0
Created an attachment (id=439)
--> (https://bugs.busybox.net/attachment.cgi?id=439)
Proposed patch
I believe there is a possibility of overrunning the buffer containing the log
configuration in runit/svlogd.c
The code in svlogd.c uses open_read_close() to retrieve the content of the
configuration file, and then scans the buffer searching for a terminating nul.
The function open_read_close() does not guarantee that a terminating nul is
present.
--
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list