Hello,
I tried to correct a typo in a very commit message today (more than 4KB)
with a command like this one:
cvs admin "-m1.42:foobar
[...]
[many more lines]
[...]
foobar" dirname/filename
"cvs" died with a segmentation fault. I shortened the CVS commit message
by several lines and "cvs admin" worked. I readded a few lines, the local
"cvs" process worked fine but the remote "cvs server" process crashed. It
looks to me like a buffer overflow which can be abused to gain shell
access to a remote CVS server.
This is with CVS 1.11.20 under NetBSD-i386 3.0_BETA.
Kind regards
--
Matthias Scheler http://scheler.de/~matthias/
_______________________________________________
Bug-cvs mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/bug-cvs
