Subject: buffer overflow in /usr/share/doc/netcat/examples/data/rservice.c
Package: netcat
Version: 1.10-29
Severity: minor

Hello,

I have found a buffer overflow in the file
/usr/share/doc/netcat/examples/data/rservice.c. It is included as source but
not as a binary in the package.

If you copy it from that path, compile it and run it, you will find that
it will segfault when you give it long data on the command line:


[EMAIL PROTECTED]:~/netcat.data$ cp /usr/share/doc/netcat/examples/data/* .
[EMAIL PROTECTED]:~/netcat.data$ make
cc -s -O -o data data.c
data.c: In function 'main':
data.c:91: warning: incompatible implicit declaration of built-in function 'memset'
data.c:120: warning: pointer targets in assignment differ in signedness
data.c:158: warning: incompatible implicit declaration of built-in function 'exit'
data.c:166: warning: pointer targets in assignment differ in signedness
data.c:242: warning: pointer targets in assignment differ in signedness
data.c:262: warning: pointer targets in assignment differ in signedness
cc -s -O -o rservice rservice.c
rservice.c: In function 'main':
rservice.c:29: warning: incompatible implicit declaration of built-in function 'memset'
rservice.c:36: warning: incompatible implicit declaration of built-in function 'strlen'
rservice.c:37: warning: incompatible implicit declaration of built-in function 'memcpy'
rservice.c:63: warning: incompatible implicit declaration of built-in function 'exit'
cc -s -O -o xor xor.c
xor.c: In function 'main':
xor.c:52: warning: incompatible implicit declaration of built-in function 'memset'
xor.c:88: warning: incompatible implicit declaration of built-in function 'exit'
xor.c:90: warning: incompatible implicit declaration of built-in function 'exit'
[EMAIL PROTECTED]:~/netcat.data$ ./rservice a b c | cat -A
[EMAIL PROTECTED]@[EMAIL PROTECTED]@$
[EMAIL PROTECTED]:~/netcat.data$ ./rservice `perl -e 'print "U" x 1995;'` a b
Segmentation fault
[EMAIL PROTECTED]:~/netcat.data$


Feel free to patch it, remove the file from the package, or ignore this bug.

// Ulf Harnhammar, Debian Security Audit Project

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages netcat depends on:
ii  libc6                         2.3.5-8    GNU C Library: Shared libraries an

netcat recommends no packages.

-- no debconf information
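
Added example, not part of the original report and not the rservice.c source: the compiler warnings in the report show main() calling strlen and memcpy, and the crash is triggered by a long command-line argument, so this example assumes the arguments are packed as NUL-terminated fields into a fixed-size buffer and shows the bounded form of that copy. BUF_CAP, pack_fields and the field layout are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

#define BUF_CAP 256  /* assumed size; the report does not state the real one */

/*
 * Unchecked pattern of the kind the warnings point at (strlen followed by
 * memcpy of an argv string into a fixed buffer):
 *
 *     x = strlen(argv[1]);
 *     memcpy(p, argv[1], x);    nothing compares x with the space left
 *
 * pack_fields() is the bounded form: it appends each string plus its
 * terminating NUL and refuses input that does not fit.
 * Returns the number of bytes written, or -1 if a field would overrun `out`.
 */
ssize_t pack_fields(char *out, size_t cap, int n, char *const fields[])
{
    size_t used = 0;

    for (int i = 0; i < n; i++) {
        size_t len = strlen(fields[i]);
        /* need len bytes plus one NUL; phrased to avoid size_t wraparound */
        if (len >= cap - used)
            return -1;
        memcpy(out + used, fields[i], len);
        out[used + len] = '\0';
        used += len + 1;
    }
    return (ssize_t)used;
}

int main(int argc, char *argv[])
{
    char buf[BUF_CAP];
    ssize_t n = pack_fields(buf, sizeof buf, argc - 1, argv + 1);

    if (n < 0) {
        fprintf(stderr, "argument data too long\n");
        return 1;
    }
    fwrite(buf, 1, (size_t)n, stdout);
    return 0;
}
```

Compiling with -Wall and including <string.h> and <stdlib.h> in the real file would also clear the implicit-declaration warnings shown in the build output.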


