Clone for rhel3/rhel2.1
+++ This bug was initially created as a clone of Bug #172669 +++
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.12) Gecko/20050922
Description of problem:
The latest update to cpio is being killed after a buffer overflow is detected.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
cpio is given a large hierarchy of files and started using "cpio -o --format=crc"
-- Additional comment from firstname.lastname@example.org on 2005-11-10 09:03 EST --
file_hdr->c_ino, file_hdr->c_mode, file_hdr->c_uid,
file_hdr->c_gid, file_hdr->c_nlink, file_hdr->c_mtime,
file_hdr->c_filesize, file_hdr->c_dev_maj, file_hdr->c_dev_min,
file_hdr->c_rdev_maj, file_hdr->c_rdev_min, file_hdr->c_namesize,
cpio assumes the filesize is at most 8 digits in size... and that's not right.
If it's more, this buffer will indeed overflow....
this probably wants to use asprintf() or so
-- Additional comment from email@example.com on 2005-11-10 13:07 EST --
Please note that this is only a security issue on 64 bit platforms.
This issue should also affect RHEL2.1 and RHEL3
Created attachment 148861 [details]
patch fixing buffer overflow on 64bit systems for cpio-2.5
This issue has been addressed in following products:
Red Hat Enterprise Linux 3
Via RHSA-2010:0145 https://rhn.redhat.com/errata/RHSA-2010-0145.html