Report forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <bug-hurd@gnu.org>:
Bug#113732; Package gnumach.
Subject: Bug#113732: not paranoid enough about device name
Date: Fri, 28 Sep 2001 02:09:08 +0200
From: Marcus Brinkmann
To: submit@bugs.debian.org
Package: gnumach
gnumach device_open is not paranoid enough about the device name. I haven't
tried it, but I think that having 128 non-digits with no trailing zero will
make gnumach run past the buffer in dev_name_lookup.
Maybe not worth fixing for gnumach (esp as opening a device requires the
device master port anyway). But it reminds me of the broader issue of the
necessity to audit the code, esp at the borders caused by user supplied
data.
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann GNU http://www.gnu.org marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de
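
Added example, not part of the original report and not gnumach's code: a bounded way to split a device name held in a fixed 128-byte buffer, so that a name of 128 non-digits with no terminator is rejected instead of being scanned past the end. The function name, the 16-byte prefix buffer, the unit cap and the sample names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define DEV_NAME_MAX 128 /* assumed name buffer size, from the "128" in the report */

/* Hypothetical helper, not gnumach's dev_name_lookup: split a name such as
 * "hd0" into a driver prefix and a unit number. `name` is a fixed-size buffer
 * copied from the caller's request and may lack a terminating NUL.
 * Returns 0 on success, -1 if the name is unterminated or malformed. */
int split_dev_name(const char name[DEV_NAME_MAX], char *prefix,
                   size_t prefix_sz, int *unit)
{
    /* Reject unterminated input before any scanning loop touches it. */
    const char *end = memchr(name, '\0', DEV_NAME_MAX);
    if (end == NULL)
        return -1;
    size_t len = (size_t)(end - name), i = 0;
    /* Prefix: leading run of non-digits, bounded by len, not by a NUL search. */
    while (i < len && (name[i] < '0' || name[i] > '9'))
        i++;
    if (i == 0 || i >= prefix_sz)
        return -1;
    memcpy(prefix, name, i);
    prefix[i] = '\0';
    /* Unit: optional run of digits up to the terminator, capped to avoid overflow. */
    int u = 0;
    for (; i < len; i++) {
        if (name[i] < '0' || name[i] > '9' || u > 100000)
            return -1;
        u = u * 10 + (name[i] - '0');
    }
    *unit = u;
    return 0;
}

int main(void)
{
    char name[DEV_NAME_MAX], prefix[16];
    int unit = 0, rc;
    memset(name, 'A', sizeof name); /* constructed: 128 non-digits, no NUL */
    rc = split_dev_name(name, prefix, sizeof prefix, &unit);
    printf("unterminated name -> %d\n", rc);
    memset(name, 0, sizeof name);
    memcpy(name, "hd0", 3); /* constructed sample name */
    rc = split_dev_name(name, prefix, sizeof prefix, &unit);
    printf("hd0 -> %d, prefix=%s unit=%d\n", rc, prefix, unit);
    return 0;
}
```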
Acknowledgement sent to Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>:
New Bug report received and forwarded. Copy sent to GNU Hurd Maintainers <bug-hurd@gnu.org>.
Tags added: upstream
Request was from Samuel Thibault <samuel.thibault@ens-lyon.org>
to control@bugs.debian.org.
Date: Mon, 26 Dec 2005 23:48:46 +0100
From: Samuel Thibault
To: control@bugs.debian.org
Subject: please
tags 113732 +upstream
forwarded 113732 https://savannah.gnu.org/bugs/index.php?func=detailitem&item_id=15300
thanks
Forwarded to Savannah.
Noted your statement that Bug has been forwarded to https://savannah.gnu.org/bugs/index.php?func=detailitem&item_id=15300.
Request was from Samuel Thibault <samuel.thibault@ens-lyon.org>
to control@bugs.debian.org.