Red Hat Bugzilla – Bug 257281
xisdnload - buffer overflow
Last modified: 2013-04-12 15:19:41 EDT
Description of problem:
The xisdnload crashs with the backstrace below:
# *** buffer overflow detected ***: xisdnload terminated
======= Backtrace: =========
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Let it running for some time.
Crash by overflow
I'm attaching a patch replacing sprintf with snprintf as that ISDN link
status string can be larger than buffer allocated.
This patch is tested and works.
Created attachment 174081 [details]
Patch fixing buffer overflow replacing sprintf with snprintf.
I've investigated this crash and it doesn't look like it's a security flaw. The
crash is the result of ISDN statistics being improperly copied into a static
buffer. The statistics are not attacker controllable.
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.