[Bug 439] New: Buffer overrun in runit/svlogd.c when scanning config file

bugzilla at busybox.net bugzilla at busybox.net
Fri Jul 3 14:41:28 UTC 2009


           Summary: Buffer overrun in runit/svlogd.c when scanning config
           Product: Busybox
           Version: 1.14.x
          Platform: PC
        OS/Version: Windows
            Status: NEW
          Severity: major
          Priority: P3
         Component: Other
        AssignedTo: unassigned at busybox.net
        ReportedBy: earl_chew at agilent.com
                CC: busybox-cvs at busybox.net
   Estimated Hours: 0.0

Created an attachment (id=439)
 --> (https://bugs.busybox.net/attachment.cgi?id=439)
Proposed patch

I believe there is a possibility of overrunning the buffer containing the log
configuration in runit/svlogd.c

The code in svlogd.c uses open_read_close() to retrieve the content of the
configuration file, and then scans the buffer searching for a terminating nul.
The function open_read_close() does not guarantee that a terminating nul is

Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the busybox-cvs mailing list