tags 596435 pending
thanks

Already applied to git repository and it will be released soon.
Thank you very much!

2010/9/11 Daniel Tschan <[email protected]>

> Package: fakechroot
> Version: 2.10-2
> Severity: important
> Tags: patch
>
> The getsockname function in libfakechroot.c ignores the namelen parameter and
> overruns the buffer given as name if *namelen is less than sizeof(struct sockaddr_un).
>
> This can be triggered by executing: fakechroot host 127.0.0.1
> glibc detects the buffer overrun and kills the process:
> *** stack smashing detected ***: host terminated
>
> According to recent getsockname(2) man pages the result must be truncated if it's longer
> than *namelen. *namelen should then be set to the length of the complete result so that
> the caller can recognize that the result has been truncated. See attached patch for a
> corresponding solution.
>
> -- System Information:
> Debian Release: squeeze/sid
> APT prefers unstable
> APT policy: (500, 'unstable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 2.6.18-194.11.1.el5 (SMP w/2 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages fakechroot depends on:
> ii libc6 2.11.2-5 Embedded GNU C Library: Shared lib
>
> fakechroot recommends no packages.
>
> Versions of packages fakechroot suggests:
> pn libc6-i386 <none> (no description available)
>
> -- no debconf information
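The truncation rule the report cites from getsockname(2), shown as an added example that is not part of the original thread and is not fakechroot's patch. The helper name copy_sockaddr_truncated, the guarded buffer and the socket path are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Hypothetical helper: hand an address back to the caller with
 * getsockname(2) semantics. At most *namelen bytes are written, then
 * *namelen is set to the full length so truncation is detectable. */
int copy_sockaddr_truncated(const void *src, socklen_t srclen,
                            struct sockaddr *name, socklen_t *namelen)
{
    if (!src || !name || !namelen) return -1;
    socklen_t n = srclen < *namelen ? srclen : *namelen;
    memcpy(name, src, n);   /* never more than the caller offered */
    *namelen = srclen;      /* larger than offered means truncated */
    return 0;
}

/* Caller buffer smaller than sockaddr_un, followed by a canary. */
struct guarded_buf { struct sockaddr addr; unsigned char canary[8]; };

/* Returns 1 if the canary survives, 0 if it was overwritten, -1 on error. */
int demo_small_buffer(socklen_t *reported)
{
    struct sockaddr_un full;            /* constructed sample address */
    memset(&full, 0, sizeof full);
    full.sun_family = AF_UNIX;
    strcpy(full.sun_path, "/constructed/example/path/to/socket");

    struct guarded_buf g;
    memset(&g.addr, 0, sizeof g.addr);
    memset(g.canary, 0xA5, sizeof g.canary);

    socklen_t len = sizeof g.addr;      /* *namelen < sizeof(sockaddr_un) */
    if (copy_sockaddr_truncated(&full, sizeof full, &g.addr, &len) != 0)
        return -1;
    *reported = len;
    for (size_t i = 0; i < sizeof g.canary; i++)
        if (g.canary[i] != 0xA5) return 0;
    return 1;
}

int main(void)
{
    socklen_t reported = 0;
    int ok = demo_small_buffer(&reported);
    printf("canary intact: %d, offered %zu, reported %u\n",
           ok, sizeof(struct sockaddr), (unsigned)reported);
    return ok == 1 ? 0 : 1;
}
```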

