Paul Eggert [EMAIL PROTECTED] wrote:
Georgi Guninski [EMAIL PROTECTED] writes:
The heap is quite screwed, but ls is killed by the kernel due to
memory usage.
Thanks for reporting the bug. As it happens, I had already been
preparing a more general patch for address arithmetic overflow bugs
Hi,
There is a non exploitable integer overflow in /bin/ls.
Check the following:
/opt/bin/valgrind /bin/ls -w 1073741828 -C
==21243== Invalid write of size 4
==21243==at 0x804E498: (within /bin/ls)
==21243==by 0x804CC3C: (within /bin/ls)
==21243==by 0x804B721: (within /bin/ls