[tickets] [opensaf:tickets] #1089 immtools: buffer overflow in log_stderr_int in immcfg

Zoran Milinkovic Wed, 01 Oct 2014 05:36:08 -0700

- **status**: review --> fixed
- **Comment**:

opensaf-4.3.x:


changeset:   5948:32afdc0a8169
branch:      opensaf-4.3.x
parent:      5940:665f39cbd878
user:        Zoran Milinkovic <[email protected]>
date:        Tue Sep 23 10:45:42 2014 +0200
summary:     immtools: allocate enough memory for long log format in immcfg 
[#1089]

-----

opensaf-4.4.x:

changeset:   5949:85358c92df21
branch:      opensaf-4.4.x
parent:      5941:cc6b206093ae
user:        Zoran Milinkovic <[email protected]>
date:        Tue Sep 23 10:45:42 2014 +0200
summary:     immtools: allocate enough memory for long log format in immcfg 
[#1089]

-----

opensaf-4.5.x:

changeset:   5950:0ae2dbe544db
branch:      opensaf-4.5.x
parent:      5946:80bc363dd5ec
user:        Zoran Milinkovic <[email protected]>
date:        Tue Sep 23 10:45:42 2014 +0200
summary:     immtools: allocate enough memory for long log format in immcfg 
[#1089]

-----

default(4.6):

changeset:   5951:86ec07bc91bc
tag:         tip
parent:      5947:1c9578f2fba3
user:        Zoran Milinkovic <[email protected]>
date:        Tue Sep 23 10:45:42 2014 +0200
summary:     immtools: allocate enough memory for long log format in immcfg 
[#1089]



---

** [tickets:#1089] immtools: buffer overflow in log_stderr_int in immcfg**

**Status:** fixed
**Milestone:** 4.3.3
**Created:** Mon Sep 15, 2014 02:46 PM UTC by Zoran Milinkovic
**Last Updated:** Tue Sep 30, 2014 09:36 AM UTC
**Owner:** Zoran Milinkovic

In log_stderr_int() in immcfg for long log message (more than 1024 characters), 
sprintf causes a buffer overflow.
This problem may occur very often if a message contains an object with long DN.


---

Sent from sourceforge.net because [email protected] is 
subscribed to https://sourceforge.net/p/opensaf/tickets/

To unsubscribe from further messages, a project admin can change settings at 
https://sourceforge.net/p/opensaf/admin/tickets/options.  Or, if this is a 
mailing list, you can unsubscribe from the mailing list.

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk

_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets

[tickets] [opensaf:tickets] #1089 immtools: buffer overflow in log_stderr_int in immcfg

Reply via email to