Bug#609096: Buffer overflow in xdigger with long argv[0]

Silvio Cesare silvio.cesare at gmail.com
Thu Jan 6 05:47:16 UTC 2011

Package: xdigger
Version: 1.0.10-13
Severity: important
Tags: security

There is a buffer overflow in xdigger.

  strcpy(progname, argv[0]);

I confirmed execv* with a long argv[0] crashes xdigger.

Some other cases in the sound module with copying and strcating pargv/argv
might be worth looking at also. I have not investigated further. Nor have I
investigated exploitability.

xdigger is SGID games.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-games-devel/attachments/20110106/ee21bda9/attachment.htm>

More information about the Pkg-games-devel mailing list