[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fwd: Help needed with bufferoverflow in cvs]
From: |
Donald Sharp |
Subject: |
Re: [Fwd: Help needed with bufferoverflow in cvs] |
Date: |
Fri, 22 Feb 2002 13:01:36 -0500 |
User-agent: |
Mutt/1.2.4i |
huh -
On a sun box:
donsharp-u5:169> cvs -f diff -C111111111111 checkin.c
Index: checkin.c
===================================================================
RCS file: /home2/cvsroot/ccvs/src/checkin.c,v
retrieving revision 1.41
diff -C111111111111 -r1.41 checkin.c
cvs [server aborted]: out of memory; can not allocate 4294967232 bytes
donsharp-u5:164> cvs -v
Concurrent Versions System (CVS) 1.11.1.1 (client/server)
Copyright (c) 1989-2001 Brian Berliner, david d `zoo' zuhn,
Jeff Polk, and other authors
CVS may be copied only under the terms of the GNU General Public License,
a copy of which can be found with the CVS distribution kit.
Specify the --help option for further information about CVS
donsharp-u5:165>
donsharp-u5:165> uname -a
SunOS donsharp-u5 5.6 Generic_105181-15 sun4u sparc SUNW,Ultra-5_10
donsharp-u5:166
On a linux box:
[sharpd@yonk src]$ cvs -f diff -C111111111111 checkin.c
Index: checkin.c
===================================================================
RCS file: /work/repository/ccvs/src/checkin.c,v
retrieving revision 1.1.1.1
diff -C111111111111 -r1.1.1.1 checkin.c
cvs [diff aborted]: out of memory; can not allocate 4294967232 bytes
[sharpd@yonk src]$
[sharpd@yonk src]$ cvs -v
Concurrent Versions System (CVS) 1.11.1.1 (client/server)
Copyright (c) 1989-2001 Brian Berliner, david d `zoo' zuhn,
Jeff Polk, and other authors
CVS may be copied only under the terms of the GNU General Public License,
a copy of which can be found with the CVS distribution kit.
Specify the --help option for further information about CVS
[sharpd@yonk src]$ uname -a
Linux yonk.pinkbelly.org 2.4.8-26mdk #1 Sun Sep 23 17:06:39 CEST 2001 i686
unknown
I have insufficient memory. But why would you expect this to be a
security hole?
donald
On Fri, Feb 22, 2002 at 09:34:00AM -0800, Crist J. Clark wrote:
> On Thu, Feb 21, 2002 at 10:21:05AM -0500, Larry Jones wrote:
> [snip]
>
> > > This is 1.10.7-7; do you have the patch for this problem handy?
> >
> > The best fix is to upgrade to a reasonably current release of CVS, which
> > you can get from www.cvshome.org. The current release is 1.11.1p1. If
> > you insist on patching an obsolete version:
>
> Well, if that was his problem, there still appears to be one.
>
> $ cvs -v
>
> Concurrent Versions System (CVS) 1.11.1p1-FreeBSD (client/server)
>
> Copyright (c) 1989-2001 Brian Berliner, david d `zoo' zuhn,
> Jeff Polk, and other authors
>
> CVS may be copied only under the terms of the GNU General Public License,
> a copy of which can be found with the CVS distribution kit.
>
> Specify the --help option for further information about CVS
>
> Which looks like the current release. This is a FreeBSD 4.5-RELEASE
> system, BTW. And I get,
>
> $ cvs -f diff -C111111111111 ip_fw.c
> Index: ip_fw.c
> ===================================================================
> RCS file: /export/ncvs/src/sys/netinet/ip_fw.c,v
> retrieving revision 1.131.2.31
> diff -C111111111111 -r1.131.2.31 ip_fw.c
> Segmentation fault (core dumped)
>
> The fault is not at the code you quoted, but I'm seg faulting,
>
> (gdb) run -fq diff -C`perl -e 'print "1" x 11'`
> /export/current/src/sys/netinet/ip_fw.c
> Starting program: /var/tmp/export/stable/src/gnu/usr.bin/cvs/cvs/cvs -fq
> diff -C`perl -e 'print "1" x 11'` /export/current/src/sys/netinet/ip_fw.c
> Index: /export/current/src/sys/netinet/ip_fw.c
> ===================================================================
> RCS file: /export/ncvs/src/sys/netinet/ip_fw.c,v
> retrieving revision 1.181
> diff -C11111111111 -r1.181 ip_fw.c
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x8099b7e in discard_confusing_lines (filevec=0xbfbff38c)
> at
> /export/stable/src/gnu/usr.bin/cvs/libdiff/../../../../contrib/cvs/diff/analyze.c:431
> (gdb)
>
> Sorry, I have not looked in to it more closely than this.
> --
> Crist J. Clark | cjclark@alum.mit.edu
> | cjclark@jhu.edu
> http://people.freebsd.org/~cjc/ | cjc@freebsd.org
>
> _______________________________________________
> Bug-cvs mailing list
> Bug-cvs@gnu.org
> http://mail.gnu.org/mailman/listinfo/bug-cvs
- Re: [Fwd: Help needed with bufferoverflow in cvs], (continued)
Re: [Fwd: Help needed with bufferoverflow in cvs], Larry Jones, 2002/02/20
Re: [Fwd: Help needed with bufferoverflow in cvs], Tollef Fog Heen, 2002/02/22