120343 – net-tools potential buffer overflows

Bug 120343 - net-tools potential buffer overflows

Summary: net-tools potential buffer overflows

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	net-tools
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Phil Knirsch
QA Contact:	Ben Levenson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-04-07 21:19 UTC by Steve Grubb
Modified:	2015-03-05 01:13 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2004-04-15 16:01:04 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
Patch that fixes overflows (2.04 KB, patch) 2004-04-07 21:20 UTC, Steve Grubb	no flags	Details \| Diff
View All

Description Steve Grubb 2004-04-07 21:19:32 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.4.2)
Gecko/20040308

Description of problem:
During a code review, I found a couple cases where there was a
potential for buffer overflow in the netstat utility. I think a buffer
of 1024 was being strcat'ed to a buffer of 128. I'm not sure of the
likelihood that this could be used to crash the program, but the fix
is easy enough.

Version-Release number of selected component (if applicable):
net-tools-1.60

How reproducible:
Didn't try

Steps to Reproduce:
Found during code review

Additional info:

I will attach a patch that fixes this issue.

Comment 1 Steve Grubb 2004-04-07 21:20:58 UTC

Created attachment 99208 [details]
Patch that fixes overflows

Please apply before fedora core 2 final

Comment 2 Phil Knirsch 2004-04-15 16:01:04 UTC

Included in latest net-tools for FC2.

Thanks,

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.