Package: findutils
Version: 4.2.31-4
Severity: important
Hi,
The first line in the function list_file() in file lib/listfile.c looks
as follows:
char modebuf[11];
This variable is then passed on to a function strmode:
strmode (statp->st_mode, modebuf);
That function is found in gnulib/lib/filemode.c, and contains the
following (amongst others):
void
strmode (mode_t mode, char *str)
{
[...]
str[11] = '\0';
}
This call is off by one, resulting in stack corruption. On m68k, the
overwritten data is the frame pointer of list_file()'s calling function,
resulting in a segfault when list_file tries to restore that frame
pointer to the right register.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: powerpc (ppc)
Kernel: Linux 2.6.23-1-powerpc
Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages findutils depends on:
ii libc6 2.7-6 GNU C Library: Shared libraries
findutils recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
