On 4/30/15 4:59 PM, Chet Ramey wrote:
>> Fix:
>> Use strncpy() in place of strcpy() in lib/sh/unicode.c:
>>
>> --- /tmp/bash-4.3.30/lib/sh/unicode.c 2014-01-30 21:47:19.0 +
>> +++ ./bash-4.3.30/lib/sh/unicode.c 2015-04-30 18:03:42.300340729 +
>> @@ -78,7 +78,8 @@
>>s =
On 4/30/15 2:13 PM, Trammell Hudson wrote:
> Bash Version: 4.3
> Patch Level: 30
> Release Status: release
>
> Description:
> Overly long LC_ALL or LC_CTYPE variables can cause a buffer overflow
> in converting 32-bit unicode characters. The stub_charset() function
> calls strcpy() into a static
2015-04-30 18:13:48 +, Trammell Hudson:
[...]
> Overly long LC_ALL or LC_CTYPE variables can cause a buffer overflow
> in converting 32-bit unicode characters. The stub_charset() function
> calls strcpy() into a static 40-byte buffer for the charset, which
> can be overflowed if the charset po
Configuration Information [Automatically generated, do not change]:
Machine: x86_64
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='x86_64'
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='x86_64-unknown-linux-gnu'
-DCONF_VENDOR='unknown' -DLOCALEDIR='/usr/local/share
