bin/148733: a potential buffer overflow in sh(1)
Jilles Tjoelker
jilles at stack.nl
Thu Jul 29 21:40:03 UTC 2010
The following reply was made to PR bin/148733; it has been noted by GNATS.
From: Jilles Tjoelker <jilles at stack.nl>
To: bug-followup at FreeBSD.org, snnn119 at gmail.com
Cc:
Subject: Re: bin/148733: a potential buffer overflow in sh(1)
Date: Thu, 29 Jul 2010 23:38:55 +0200
> [buffer overflow in sh(1) pathname generation]
You are right, there is a possible heap buffer overflow here. It is
rather unlikely in normal usage because the kernel does not accept
pathnames longer than 1023 bytes, but still possible.
--
Jilles Tjoelker
More information about the freebsd-bugs
mailing list