Security: gsu




Hi,

Will only affect if built without PAM support. (I think)

gsu-helper.c

Func: helper_read_password()
{
  char password[BUFSIZ];
  int len;

  ... reads user supplied value into len ....
  ... I'm a bad guy so I pick -1 :-) ---

  if (len+1 > BUFSIZ) { get_out };

  .. we pass the check ..

  read(user_supplied_data, password, len);

and oh dear :-)

The signed/unsigned issues seem to be cropping up more and more...

Chris
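The check sketched in the message, next to a length check that rejects negative values before the conversion to the size_t count that read() takes. This is an added example, not part of the original post and not gsu's code; the function names and the length-prefixed wire format (a native int, then the bytes) are assumptions made for illustration.

```c
#include <stdio.h>
#include <unistd.h>

/* The check as sketched in the message: upper bound only, on a signed int. */
static int posted_check_accepts(int len) { return !(len + 1 > BUFSIZ); }

/* read() takes its count as size_t, so a negative int becomes a huge value. */
static size_t count_passed_to_read(int len) { return (size_t)len; }

/* Read exactly n bytes or fail; read() may legitimately return fewer. */
static int read_exact(int fd, void *dst, size_t n)
{
    char *p = dst;
    while (n > 0) {
        ssize_t r = read(fd, p, n);
        if (r <= 0)
            return -1;
        p += r;
        n -= (size_t)r;
    }
    return 0;
}

/* Hardened reader (assumed format: int length, then bytes); -1 on error. */
static int read_password_checked(int fd, char *password, size_t size)
{
    int len;
    if (read_exact(fd, &len, sizeof len) != 0)
        return -1;
    /* Reject negatives before any conversion; keep one byte for the NUL. */
    if (len < 0 || (size_t)len >= size)
        return -1;
    if (read_exact(fd, password, (size_t)len) != 0)
        return -1;
    password[len] = '\0';
    return len;
}

int main(void)
{
    char buf[BUFSIZ];
    int fds[2], bad = -1;   /* constructed input: the length from the message */
    if (pipe(fds) != 0 || write(fds[1], &bad, sizeof bad) != (ssize_t)sizeof bad)
        return 1;
    printf("posted check accepts -1: %d, read() count: %zu\n",
           posted_check_accepts(-1), count_passed_to_read(-1));
    printf("hardened reader returns: %d\n",
           read_password_checked(fds[0], buf, sizeof buf));
    return 0;
}
```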


