lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: dentonj at gmail.com (Jeffrey Denton)
Subject: some small bugs.

On Sat, 14 Aug 2004 23:32:06 +0200, Gabriele Galadini
<gabriele@...anet.it> wrote:

>  mtv@...cuzio~$ export HOME=`perl -e 'print "A" x 4387'`
>  mtv@...cuzio~$ dpsinfo
>  Segmentation fault
>  mtv@...cuzio~$ export HOME=`perl -e 'print "A" x 5763'`
>  mtv@...cuzio~$ dpsexec
>  Segmentation fault

Misc useless info, libsafe stops these, ummm, bugs.

$ dpsinfo                                
Libsafe version 2.0.16
Detected an attempt to write across stack boundary.
Terminating /usr/X11R6/bin/dpsinfo.
    uid=1000  euid=1000  pid=8614
Call stack:
    0x400189c0  /lib/libsafe.so.2.0.16
    0x40018ab4  /lib/libsafe.so.2.0.16
    0x4004b3a3  /usr/X11R6/lib/libdps.so.1.0
    0x4004b33f  /usr/X11R6/lib/libdps.so.1.0
    0x4004b4ed  /usr/X11R6/lib/libdps.so.1.0
    0x4004902f  /usr/X11R6/lib/libdps.so.1.0
    0x40047ff5  /usr/X11R6/lib/libdps.so.1.0
    0x400423e1  /usr/X11R6/lib/libdps.so.1.0
    0x4004165f  /usr/X11R6/lib/libdps.so.1.0
    0x40040324  /usr/X11R6/lib/libdps.so.1.0
    0x8048d56   /usr/X11R6/bin/dpsinfo
    0x401f3d01  /lib/libc-2.3.2.so
    0x401f3d01  /lib/libc-2.3.2.so
Overflow caused by strcpy()
Killed
$ dpsexec                                
Libsafe version 2.0.16
Detected an attempt to write across stack boundary.
Terminating /usr/X11R6/bin/dpsexec.
    uid=1000  euid=1000  pid=8615
Call stack:
    0x400189c0  /lib/libsafe.so.2.0.16
    0x40018ab4  /lib/libsafe.so.2.0.16
    0x4004b3a3  /usr/X11R6/lib/libdps.so.1.0
    0x4004b33f  /usr/X11R6/lib/libdps.so.1.0
    0x4004b4ed  /usr/X11R6/lib/libdps.so.1.0
    0x4004902f  /usr/X11R6/lib/libdps.so.1.0
    0x40047ff5  /usr/X11R6/lib/libdps.so.1.0
    0x400423e1  /usr/X11R6/lib/libdps.so.1.0
    0x4004165f  /usr/X11R6/lib/libdps.so.1.0
    0x40040324  /usr/X11R6/lib/libdps.so.1.0
    0x8049015   /usr/X11R6/bin/dpsexec
    0x401f3d01  /lib/libc-2.3.2.so
Overflow caused by strcpy()
Killed

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ