Bug#270485: libgksu1.2-0: contains several buffer overflows

Martin Pitt Martin Pitt <martin.pitt@canonical.com>, 270485@bugs.debian.org
Tue, 7 Sep 2004 17:29:55 +0200


--gKMricLos+KVdGMg
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Package: libgksu1.2-0
Version: 1.2.3-1
Severity: important
Tags: patch

Hi Gustavo, hi Allan!

I discovered several buffer overflows and a non-zero-terminated printf
in libgksu which cause gksudo to segfault (see changelog and patch for
details). I don't think that this error has major security
implications, therefore I leave the severity at important.

I put the patch (against our company's version 1.2.2) to

http://sqash.this.segfault.no-name-yet.com/patches/libgksu1.2.bufoverflow.d=
iff

Applying it to the unstable version will fail at the Debian changelog
(because of the different version numbers), but the source patch
applies cleanly.

Please push this change upstream.

Changelog:

|libgksu1.2 (1.2.2-1ubuntu1) warty; urgency=3Dlow
|
|  * libgksu/gksu-context.c:gksu_context_sudo_run():=20
|    - char buf[16] was repeatedly overflowed by reading/writing 256 bytes,
|    causing segfaults and improper status messages; having two buffers 'bu=
f'
|    and 'buffer' with different lengths does not really avoid errors, so '=
buf'
|    was eliminated completely=20
|    - properly zero-terminated buffer before printf()'ing it
|    (Closes: Warty bug #1060)
|
| -- Martin Pitt <mpitt@debian.org>  Tue,  7 Sep 2004 16:50:28 +0200

Thanks and have a nice day!

Martin

--=20
Martin Pitt                 Debian GNU/Linux Developer
martin@piware.de                      mpitt@debian.org
http://www.piware.de             http://www.debian.org

--gKMricLos+KVdGMg
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBPdPrDecnbV4Fd/IRArs7AKDUPXbjDoLRhUKeOhRjqMluKUOXBQCgsSrZ
Am7f9S2IpM2zlhQYm1vyvdg=
=1O8u
-----END PGP SIGNATURE-----

--gKMricLos+KVdGMg--