[BusyBox] buffer overflow in inetd.c
Glenn McGrath
bug1 at iinet.net.au
Sun Feb 22 11:30:17 UTC 2004
On Sun, 22 Feb 2004 13:41:00 +0300
"Vladimir N. Oleynik" <dzo at simtreas.ru> wrote:
> 1,3,4 point problems don`t removed is current CVS version.
> The demonstrate patch attached for 1,3 point correction,
> without restore 4 point, but remove se_user/se_group
> your mistake initiailization also.
> Not tested!
Ive applied it with a fix, in inetd_strdup you were returning the
original string rather that the duplicated one.
Its a hard applet to test for memory leaks, it doesnt return, and goes
into daemon mode, im not sure how to test for them with dmalloc.
Glenn
More information about the busybox
mailing list