Re: texinfo vulnerability still working in 4.11

From: Karl Berry
Subject: Re: texinfo vulnerability still working in 4.11
Date: Fri, 16 Nov 2007 17:46:58 -0600

    info --file="%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x."

Thanks for the report.  I'll fix it as soon as I can, unless someone
else here can provide a patch.  One expedient fix (worked for me anyway)
is included below and is in Texinfo CVS now.  I think a better fix would
be to double any % characters in filename in the filesys_error_string
function, which I'll try to get to soon.  (The best fix would be to
implement error handling completely differently, but I can't undertake

I'm just as happy you didn't send a fully-working exploit to make things
easy for the crackers.


--- info.c.~1.21.~      2007-09-21 15:49:26.000000000 -0700
+++ info.c      2007-11-16 15:37:54.000000000 -0800
@@ -570,3 +570,6 @@
       fprintf (stderr, "%s: ", program_name);
-      fprintf (stderr, format, arg1, arg2);
+      if (arg1)
+        fprintf (stderr, format, arg1, arg2);
+      else
+        fputs (format, stderr);
       fprintf (stderr, "\n");
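Review bot: the `if (arg1)` branch still passes `format` to fprintf as the format string, so the change only covers calls made without an argument. A caller that merges a file name into `format` and also supplies a non-null arg1 would still have any % in that name interpreted. The test also looks at arg1 alone, so when arg1 is null but arg2 is set, arg2 is dropped and the directives in `format` are printed literally. Consider having callers pass a constant format such as "%s" with the assembled message as arg1, or escaping % at the point where the file name enters the message. A comment above this code stating that `format` must never contain untrusted text would also help.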


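The "double any % characters in filename" fix mentioned in the message, sketched as an added example (not Texinfo's code and not written by the message's author). `escape_percent` and `render_error` are hypothetical names, and the way the message format is assembled here is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: return a malloc'd copy of S with every '%'
   doubled, so the copy is inert when it later becomes part of a
   printf format string.  Returns NULL for NULL input or on allocation
   failure.  The caller frees the result. */
char *
escape_percent (const char *s)
{
  size_t len = 0, extra = 0;
  const char *p;
  char *out, *q;

  if (!s)
    return NULL;
  for (p = s; *p; p++, len++)
    if (*p == '%')
      extra++;
  out = malloc (len + extra + 1);
  if (!out)
    return NULL;
  for (p = s, q = out; *p; p++)
    {
      if (*p == '%')
        *q++ = '%';             /* emit the extra '%' first */
      *q++ = *p;
    }
  *q = '\0';
  return out;
}

/* Assumed usage: build "<name>: %s" as a format from an untrusted
   NAME, then format REASON through it.  Returns the rendered length,
   or -1 on failure. */
int
render_error (const char *name, const char *reason, char *buf, size_t size)
{
  char fmt[512];
  char *esc = escape_percent (name);
  int n;

  if (!esc)
    return -1;
  n = snprintf (fmt, sizeof fmt, "%s: %%s", esc);
  free (esc);
  if (n < 0 || (size_t) n >= sizeof fmt)
    return -1;                  /* escaped name did not fit */
  return snprintf (buf, size, fmt, reason);
}
```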