Bug 26763 - buffer overflow for m4
buffer overflow for m4
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: m4 (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Florian La Roche
David Lawrence
Florence RC-1
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-02-08 19:41 EST by Chris Ricker
Modified: 2007-04-18 12:31 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-02-09 18:07:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Chris Ricker 2001-02-08 19:41:50 EST
m4-1.4.1-3

The m4 shipping in beta three is vulnerable to the buffer overflows
currently being discussed on bugtraq

[root@station12 /root]# m4 -G %n
m4: Segmentation fault (core dumped)
[root@station12 /root]# m4 -G %n%n
m4: Segmentation fault (core dumped)
[root@station12 /root]# m4 -G %x  
m4: 80499d9: No such file or directory
[root@station12 /root]# m4 -G %qx
m4: bffff8ec080499d9: No such file or directory
[root@station12 /root]#
Comment 1 Glen Foster 2001-02-09 18:07:21 EST
This defect is considered MUST-FIX for Florence Release-Candidate #1
Comment 2 Florian La Roche 2001-02-13 08:32:13 EST
I have fied the above one and found another similar case. Both are fixed in the
current rpm.
Thanks for this report.

Note You need to log in before you can comment on or make changes to this bug.