[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-inetutils] Re: Bug#212612: Buffer overflow in ftp
From: |
Robert Millan |
Subject: |
[bug-inetutils] Re: Bug#212612: Buffer overflow in ftp |
Date: |
Thu, 25 Sep 2003 13:25:52 +0000 |
User-agent: |
Mutt/1.5.4i |
>From Debian BTS:
On Wed, Sep 24, 2003 at 08:49:28PM +0200, Beno?t Sibaud wrote:
> Package: inetutils-ftp
> Version: 1.4.2+20030703-7
>
> Test on an uptodate x86 Sid.
>
> $ ftp
> ftp> mput
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
> Segmentation fault
>
> 444 a => "Not connected"
> 445 a => "?Ambiguous command"
> 446 a => "?Invalid command"
> 447 a => Segmentation fault
>
> With /usr/bin/ftp:
>
> (gdb) backtrace
> #0 0x08051970 in ?? ()
> #1 0x40042caa in add_history () from /lib/libreadline.so.4
> #2 0x08051831 in ?? ()
> #3 0x61616161 in ?? ()
> #4 0x08066078 in ?? ()
> #5 0xbffff9b8 in ?? ()
> #6 0x08051818 in ?? ()
>
> With the compiled unstripped version:
>
> #0 0x08052040 in getcmd (name=0x61616161 <Address 0x61616161 out of
> #bounds>)
> at
> /home/ruffy/inetutils-1.4.2+20030703/build-tree/inetutils-20030703/ftp/mai
> n.c:391
> 391 for (c = cmdtab; (p = c->c_name); c++)
> (gdb) backtrace
> #0 0x08052040 in getcmd (name=0x61616161 <Address 0x61616161 out of
> #bounds>)
> at
> /home/ruffy/inetutils-1.4.2+20030703/build-tree/inetutils-20030703/ftp/mai
> n.c:391
> #1 0x08051ee7 in cmdscanner (top=1) at
> #/home/ruffy/inetutils-1.4.2+20030703/build-tree/inetutils-20030703/ftp/ma
> #in.c:355 2 0x08051ced in main (argc=1, argv=0xbffff958) at
> #/home/ruffy/inetutils-1.4.2+20030703/build-tree/inetutils-20030703/ftp/ma
> #in.c:233
>
> Build-depends
> ii cdbs 0.4.8 common
> build system for Debian packages
> ii debhelper 4.1.74 helper
> programs for debian/rules
> ii libreadline4-dev 4.3-5 GNU
> readline and history libraries, development files
> ii libpam0g-dev 0.76-14
> Development files for PAM
> ii libopie-dev 2.32-8.1 OPIE
> library development files.
> Depends
> ii libc6 2.3.2-8 GNU C
> Library: Shared libraries and Timezone data
> ii libncurses5 5.3.20030719-2 Shared
> libraries for terminal handling
> ii libreadline4 4.3-5 GNU
> readline and history libraries, run-time libraries
> ii zlib1g 1.1.4-15
> compression library - runtime
>
> --
> Beno?t Sibaud
>
>
--
Robert Millan
"[..] but the delight and pride of Aule is in the deed of making, and in the
thing made, and neither in possession nor in his own mastery; wherefore he
gives and hoards not, and is free from care, passing ever on to some new work."
-- J.R.R.T, Ainulindale (Silmarillion)
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug-inetutils] Re: Bug#212612: Buffer overflow in ftp,
Robert Millan <=