[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"cvs admin -m" causes segmentation faults

From: Matthias Scheler
Subject: "cvs admin -m" causes segmentation faults
Date: Mon, 17 Oct 2005 12:56:03 +0100
User-agent: Mutt/


I tried to correct a typo in a very commit message today (more than 4KB)
with a command like this one:

cvs admin "-m1.42:foobar
[many more lines]
foobar" dirname/filename

"cvs" died with a segmentation fault. I shortened the CVS commit message
by several lines and "cvs admin" worked. I readded a few lines, the local
"cvs" process worked fine but the remote "cvs server" process crashed. It
looks to me like a buffer overflow which can be abused to gain shell
access to a remote CVS server.

This is with CVS 1.11.20 under NetBSD-i386 3.0_BETA.

        Kind regards

Matthias Scheler                                  http://scheler.de/~matthias/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]