Dave Kleikamp wrote: > On Thu, 2009-04-02 at 11:29 -0400, Michael Peek wrote: > >> *** %n in writable segment detected *** >> >> > Interesting. I had no idea what "%n in writable segment detected" meant > until I googled it. I'm guessing the file name being printed has the > string "%n" in it. The %n field modifies the argument passed in, so it > can be a security vulnerability. glibc detects this and kills the > process. > >
Aha! Now I have something to go on. (Google, why didn't I think of that!?) > I think this patch should fix the problem. You can download the > jfsutils source from http://jfs.sourceforge.net/source.html#latesrc > I tried the latest 1.1.13, but it has the same problem. So I ran it under gdb and traced the problem to fsck/fsck_message.c, to the function v_fsck_send_msg(). There is a section that reads: if (message->msg_level <= msg_lvl) { printf(msg_string); if (dbg_output) { printf(debug_detail); } else printf("\n"); } It's the printf(msg_string) that is causing the trouble. When I changed this section from the above to: if (message->msg_level <= msg_lvl) { /* printf(msg_string); */ puts(msg_string); if (dbg_output) { printf(debug_detail); } else printf("\n"); } Everything works fine. And all I did was substitute puts() for printf(). Michael ------------------------------------------------------------------------------ _______________________________________________ Jfs-discussion mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jfs-discussion
