Red Hat Bugzilla – Bug 123343
libia32x.so does not check size of env var before copying it to local var
Last modified: 2008-05-01 11:38:06 EDT
Description of problem:
In development mode, libia32x.so copies the contents of the HOME
environment variable into a local variable. This is done without
ensuring that the local buffer is big enough for that operation.
In development mode **ONLY**, this can result in a buffer overrun.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
This problem is only in development mode. In production mode, the
makefile ensures that this piece of code is never built by setting
the SYSBTG variable.
Created attachment 100270
check the size of env variable before copying it into a local var
This patch goes on top of fix_fast_syscall.patch which was submitted to bug
This is fixed in v5. I believe it should be closed.
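The check named in the attachment summary above (verify the size of the environment variable before copying it into a local variable), written out as an added C example. It is not the attached patch or libia32x.so code; the buffer size, function names and the file name `example.cfg` are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HOME_BUF_LEN 256  /* assumed size; the report does not state the real one */

/* Pattern the report describes, for contrast: strcpy(buf, getenv("HOME")); */

/* Copy HOME into dst (capacity dstsz bytes, NUL included).
 * Returns 0 on success, -1 if HOME is unset, -2 if it does not fit. */
int copy_home_checked(char *dst, size_t dstsz)
{
    const char *home = getenv("HOME");
    size_t len;

    if (dst == NULL || dstsz == 0)
        return -2;
    dst[0] = '\0';              /* never leave dst uninitialised on failure */
    if (home == NULL)
        return -1;
    len = strlen(home);
    if (len >= dstsz)           /* need len bytes plus the terminating NUL */
        return -2;
    memcpy(dst, home, len + 1);
    return 0;
}

/* Build "<HOME>/<name>" in dst; treat truncation as an error, not a result. */
int home_path_checked(char *dst, size_t dstsz, const char *name)
{
    char home[HOME_BUF_LEN];
    int n, rc = copy_home_checked(home, sizeof home);

    if (rc != 0)
        return rc;
    n = snprintf(dst, dstsz, "%s/%s", home, name);
    if (n < 0 || (size_t)n >= dstsz)
        return -2;
    return 0;
}

int main(void)
{
    char path[64];
    int rc = home_path_checked(path, sizeof path, "example.cfg");
    if (rc != 0) { fprintf(stderr, "HOME unusable (rc=%d)\n", rc); return 1; }
    puts(path);
    return 0;
}
```

Because HOME is controlled by whoever launches the process, the length test has to happen at the copy site on every call, not once at build or install time.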