[Pkg-sysvinit-devel] Bug#368793: sysvinit: Overflow caused by
strcpy()
Petter Reinholdtsen
pere at hungry.com
Fri Jul 14 10:56:03 UTC 2006
Sad that valgrind didn't report anything useful. :(
Reading through the use of strcpy() in last.c, I only find one place
where the destination buffer might be to small:
350 int list(struct utmp *p, time_t t, int what)
351 {
352 time_t secs, tmp;
353 char logintime[32];
[...]
389 tmp = (time_t)p->ut_time;
390 strcpy(logintime, ctime(&tmp)); /* XXX */
[...]
484 return 0;
485 }
Could this be the problematic strcpy()? Without a backtrace, it is
hard to tell. I'm not sure how to find out.
Can you check if it help to increase the logintime buffer size? Are
you able to get a backtrace with line numbers for this error, so we
can verify the position in the source where it crashes?
Friendly,
--
Petter Reinholdtsen
More information about the Pkg-sysvinit-devel
mailing list