I think that this is a security bug. If you make the 'control' file have
Architecture: %08x.%08x.%08x.%08x.%08x and run --build, it will print five parameters from the stack. # ./dpkg-deb --build /var/tmp/ok/ dpkg-deb: warning: parsing file '/var/tmp/ok//DEBIAN/control' near line 2 package 'backup:016b0150.00449f58.00000001.00000001.00000018': '�D' is not a valid architecture name: %08x.%08x.%08x.%08x.%08x dpkg-deb: warning: parsing file '/var/tmp/ok//DEBIAN/control' near line 4 package 'backup:00449077.00449af0.00000001.00000001.01bb5790': missing maintainer dpkg-deb: error: parsing file '/var/tmp/ok//DEBIAN/control' near line 4 package 'backup:00449082.00449af0.00000001.00000001.01bb5790': missing version This can also be used to overwrite/rewrite the stack, using %n, too. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1389135 Title: dpkg / dpkg-deb segfault -- possible format string bug/vuln? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1389135/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
