Bug#943824: [libeantic0] crashing because of buffer overflow
Giovanni Mascellani
gio at debian.org
Wed Oct 30 11:46:43 GMT 2019
Package: libeantic0
Version: 0.1.3+ds-3
Severity: normal
Tags: patch
The attached patch fixes a crash caused by a buffer overflow: a sprintf
call in the code uses a fixed size buffer without checking if the string
will actually fit inside it.
I discovered it because an application I am writing crashed over it.
The attached patch should fix the problem. I can NMU if you're ok with it.
Thanks, Giovanni.
--- System information. ---
Architecture: Kernel: Linux 5.2.0-3-amd64
Debian Release: bullseye/sid
500 xenial updates.signal.org 500 unstable-debug
debug.mirrors.debian.org 500 unstable deb.debian.org 500
testing deb.debian.org 500 stable repo.skype.com
500 stable dl.google.com 1 experimental deb.debian.org
--- Package information. ---
Depends (Version) | Installed
================================-+-==============
libc6 (>= 2.4) | libflint-2.5.2 |
libflint-arb2 (>= 1:2.17.0) | libgcc1 (>= 1:3.0) |
libgmp10 | libgomp1 (>= 4.2.1) |
libstdc++6 (>= 4.1.1) |
Package's Recommends field is empty.
Package's Suggests field is empty.
--
Giovanni Mascellani <g.mascellani at gmail.com>
Postdoc researcher - Université Libre de Bruxelles
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix_buffer_overflow.patch
Type: text/x-patch
Size: 2364 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-science-maintainers/attachments/20191030/661b387e/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/debian-science-maintainers/attachments/20191030/661b387e/attachment.sig>
More information about the debian-science-maintainers
mailing list