Fwd: buffer overrun in zlib 1.1.4
kelledin+LFS at skarpsey.dyndns.org
Sun Feb 23 18:38:38 PST 2003
While we're at it, revised patch. This fixes a possible bug in
the vsnprintf-specific codepath. It also modifies the
vsprintf-specific codepath (not sure why I'm bothering); we
can't get rid of the buffer overflow there, but we can at least
fix the string-format vuln and tweak performance a bit. It also
applies our fixes to a preprocessor path taken only if the
compiler isn't ANSI-compliant, so the fixes are supposedly now

However, the fixes may break systems that don't include a proper
C99-compliant sprintf/snprintf/vsprintf/vsnprintf function.
Current LFS and recent glibc versions are not affected by this.

Also, as our local LFS guy jsmaby pointed out, we might need a
better testcase to make sure the modified gzprintf() works.
Most binaries (including file) apparently don't even bother to
call the bloody function directly. Fortunately, the "example"
utility built in the zlib source tree does call gzprintf(), and
it still produces the correct output. So maybe that's all we
need (woot! :D)

"If a server crashes in a server farm and no one pings it, does
it still cost four figures to fix?"
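
Added example, not part of the original message and not the patch or zlib's own code: a bounded formatter showing the two points the message raises, the vsnprintf return-value check (C99 length versus the older -1 on truncation) and passing caller text as an argument to a constant format. The names bounded_format, format_text and FMT_BUF_SIZE are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define FMT_BUF_SIZE 32 /* constructed size, small so truncation is easy to hit */

/* Hypothetical helper: format into a fixed buffer with vsnprintf().
 * Returns bytes written, or 0 if the output did not fit or formatting
 * failed; in that case the buffer is emptied so nothing partial is used. */
static int bounded_format(char *buf, size_t size, const char *format, ...)
{
    va_list ap;
    int len;

    if (buf == NULL || size == 0)
        return 0;
    va_start(ap, format);
    len = vsnprintf(buf, size, format, ap);
    va_end(ap);
    /* C99 returns the length the full output needs, so len >= size means
     * truncation. Older implementations return -1 instead. */
    if (len < 0 || (size_t)len >= size) {
        buf[0] = '\0';
        return 0;
    }
    return len;
}

/* Caller-supplied text goes in as an argument to a constant "%s" format,
 * never as the format string itself. */
static int format_text(char *buf, size_t size, const char *text)
{
    return bounded_format(buf, size, "%s", text);
}

int main(void)
{
    char buf[FMT_BUF_SIZE];
    char big[100]; /* constructed oversized input */

    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("%d\n", bounded_format(buf, sizeof buf, "%s-%d", "abc", 42));
    printf("%d [%s]\n", format_text(buf, sizeof buf, "%n%s%x"), buf);
    printf("%d\n", format_text(buf, sizeof buf, big));
    return 0;
}
```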