Wow - this is a Y2K bug; welcome to the 21st century!
Looking at src/console.c, we have in aff_date:

    char cdate[19];
    sdate = localtime (&temps);
    #ifdef ENGLISH
    sprintf (cdate, " %02d-%02d-%02d %02d:%02d",
             sdate->tm_year, sdate->tm_mon + 1, sdate->tm_mday,
             sdate->tm_hour, sdate->tm_min);
    #else
    sprintf (cdate, " %02d/%02d/%02d %02d:%02d",
             sdate->tm_mday, sdate->tm_mon + 1, sdate->tm_year,
             sdate->tm_hour, sdate->tm_min);
    #endif

The problem is that sdate->tm_year is 112, which makes the sprintf print
a string like
" 112-08-19 16:58"
which is 19 characters, add the \0 terminator and it's 20 characters - so it is
a buffer overrun.
Dave
** Changed in: fbb (Ubuntu)
Status: Confirmed => Triaged
https://bugs.launchpad.net/bugs/771589
Title:
fbb buffer overflow
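
An added example, not part of the original comment or of the fbb source: it measures how the quoted ENGLISH format grows by one character once tm_year (years since 1900) reaches three digits, next to a bounded formatter. The names unbounded_len, format_date and sample_tm are hypothetical, the sample dates are constructed, and the lengths are for the format string exactly as it appears on this page.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Format string as it appears in the quoted aff_date (ENGLISH branch). */
#define DATE_FMT " %02d-%02d-%02d %02d:%02d"

/* Length the original sprintf arguments would produce (excluding the NUL).
 * snprintf(NULL, 0, ...) only counts, it writes nothing.
 * %02d is a minimum width, so a three-digit tm_year is printed in full. */
int unbounded_len(const struct tm *t)
{
    return snprintf(NULL, 0, DATE_FMT, t->tm_year, t->tm_mon + 1,
                    t->tm_mday, t->tm_hour, t->tm_min);
}

/* Hypothetical hardened replacement: two-digit year, bounded write,
 * truncation reported. Returns 0 on success, -1 if out is too small. */
int format_date(char *out, size_t outsz, const struct tm *t)
{
    int n = snprintf(out, outsz, DATE_FMT, t->tm_year % 100, t->tm_mon + 1,
                     t->tm_mday, t->tm_hour, t->tm_min);
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz > 0)
            out[0] = '\0';   /* never hand back a partial date */
        return -1;
    }
    return 0;
}

/* Constructed sample: 19 Aug, 16:58, with a caller-supplied tm_year. */
struct tm sample_tm(int tm_year)
{
    struct tm t;
    memset(&t, 0, sizeof t);
    t.tm_year = tm_year; t.tm_mon = 7; t.tm_mday = 19;
    t.tm_hour = 16; t.tm_min = 58;
    return t;
}

int main(void)
{
    struct tm y1999 = sample_tm(99), y2012 = sample_tm(112);
    char buf[32];
    printf("1999: %d chars, 2012: %d chars\n",
           unbounded_len(&y1999), unbounded_len(&y2012));
    if (format_date(buf, sizeof buf, &y2012) == 0)
        printf("bounded: \"%s\"\n", buf);
    return 0;
}
```
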