Your message dated Mon, 24 Sep 2018 23:41:23 -0700
with message-id <[email protected]>
and subject line Re: Fixed size array in sqsh leads to crash
has caused the Debian Bug report #313386,
regarding Fixed size array in sqsh leads to crash
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
313386: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=313386
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sqsh
Version: 2.1-6
You don't even need to connect to a DB server:
$ uname -a
Linux hilfy 2.6.10-1-k7 #1 Fri Mar 11 03:13:32 EST 2005 i686 GNU/Linux
$ dpkg -s libc6 | grep ^Version
Version: 2.3.2.ds1-22
$ sqsh -C 'select 1e70'
sqsh-2.1 Copyright (C) 1995-2001 Scott C. Gray
This is free software with ABSOLUTELY NO WARRANTY
For more information type '\warranty'
Password:
Segmentation fault
I think it would be hard to exploit this particular bug. However, an
examination of the source reveals many fixed size arrays.
Regards,
Giuliano.
--- End Message ---
--- Begin Message ---
Version: 2.1.7-1
This test case does not crash with 2.1.7-4; I believe the problem is fixed
upstream as of 2.1.7-1.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer https://www.debian.org/
[email protected] [email protected]
signature.asc
Description: PGP signature
--- End Message ---
