[PATCH]: buffer overflow in libcommoncpp2-dev on 64 bit arch

Tristan Matthews tristan.matthews at savoirfairelinux.com
Fri Nov 16 21:23:40 UTC 2012


Package: libcommoncpp2-dev
Version: 1.8.1-5

Severity: important

Due to a buffer overflow bug in libcommoncpp2-dev, if a program is run while gethostbyname is unable to resolve an address (or with a bad address), said program will crash with a buffer overflow on 64 bit machines.
This is due to a bad memset. This bug currently affects SFLphone.

I've attached a simple testcase and patch. The testcase can be compiled with:
c++ test.cpp -o test `pkg-config --cflags --libs libccgnu2`

The patch fixes the bad memset, where sizeof is the size of the in_addr struct instead of the size of an in_addr pointer.

Best,
Tristan

-- 

Tristan Matthews
Free software developer
tristan.matthews at savoirfairelinux.com
Direct line: 514-276-5468 ext. 190

Fax : 514-276-5465
7275 Saint Urbain
Bureau 200
Montréal, QC, H2R 2Y5

-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.cpp
Type: text/x-c++src
Size: 253 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20121116/e2ca5968/attachment.cpp>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: inaddr.cpp
Type: text/x-c++src
Size: 11921 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20121116/e2ca5968/attachment-0001.cpp>
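
The sizeof mix-up described in the report, as an added illustration that is neither the attached test.cpp nor the library's inaddr.cpp: it compares a memset length taken from a pointer type with one taken from the in_addr struct, and counts how many bytes past an in_addr-sized slot each one touches. All function names are hypothetical; the arena is constructed so the write stays inside memory the program owns.

```cpp
// Added illustration; not code from libcommoncpp2. Helper names are hypothetical.
#include <netinet/in.h>
#include <cstddef>
#include <cstdio>
#include <cstring>

// Length the mistaken pattern hands to memset: the size of a pointer.
static std::size_t buggy_len() { return sizeof(struct in_addr *); }

// Length the corrected pattern hands to memset: the size of the object.
static std::size_t fixed_len() { return sizeof(struct in_addr); }

// Zero `len` bytes at the start of an arena laid out as
// [ in_addr-sized slot | 16 guard bytes ] and count the guard bytes that
// changed. The arena is big enough that the write is well defined; the
// count shows how far past the slot the memset reached.
static std::size_t guard_bytes_clobbered(std::size_t len) {
    const std::size_t slot = sizeof(struct in_addr);
    unsigned char arena[sizeof(struct in_addr) + 16];
    std::memset(arena, 0xAA, sizeof(arena));
    if (len > sizeof(arena)) len = sizeof(arena);
    std::memset(arena, 0, len);
    std::size_t hit = 0;
    for (std::size_t i = slot; i < sizeof(arena); ++i)
        if (arena[i] != 0xAA) ++hit;
    return hit;
}

// Hardened idiom: derive the length from the object, so it cannot be
// confused with the size of a pointer to it.
template <typename T>
static void zero_object(T &obj) { std::memset(&obj, 0, sizeof(T)); }

// Returns true if zero_object cleared the whole struct.
static bool zero_object_clears_addr() {
    struct in_addr a;
    a.s_addr = 0xFFFFFFFFu;
    zero_object(a);
    return a.s_addr == 0;
}

int main() {
    std::printf("pointer size %zu, in_addr size %zu\n", buggy_len(), fixed_len());
    std::printf("guard bytes hit: buggy %zu, fixed %zu\n",
                guard_bytes_clobbered(buggy_len()), guard_bytes_clobbered(fixed_len()));
    std::printf("zero_object ok: %d\n", zero_object_clears_addr());
    return 0;
}
```

On a 32-bit build both lengths are equal and no guard bytes change, which matches the report that the crash shows up only on 64-bit machines.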

