lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAF6-1L7qDULSvzaB2G=8y9Jkyd=SfcDBnNTxTuN0xSQxG94CHg@mail.gmail.com>
Date:	Wed, 5 Dec 2012 11:27:48 +0100
From:	Sylvain Munaut <s.munaut@...tever-company.com>
To:	linux-kernel@...r.kernel.org
Cc:	Jeff Mahoney <jeffm@...e.com>
Subject: Wrong length / buffer overlow by the syslog syscall

Hi,

I was debugging a segfault in the 'dmesg' utility that I finally
traced to the syslog syscall overflowing the buffer.
I'm under a 3.6.8 kernel and it has commit
e3756477aec028427fec767957c0d4b6cfb87208 present which apparently
fixed a similar issue, but I still have some occurence.

strace dmesg -s 8192

shows:

syslog(0x3, 0xb4e060, 0x2008)           = 8259

so despite being given a buffer of 8200 bytes, it writes 8259 ...

It happens on several machines and this only seem to happen if there
was a wrap around in the log buffer (it's a first observation on a
limited number of sample so it might be a coincidence)


Cheers,

    Sylvain

PS: Please cc me in any response, I'm not on the list.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ