Bugs item #3603893, was opened at 2013-02-08 17:47
Message generated for change (Tracker Item Submitted) made by 
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=611248&aid=3603893&group_id=95403

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: Yes
Submitted By: https://www.google.com/accounts ()
Assigned to: Nobody/Anonymous (nobody)
Summary: buffer overruns in pidfile handling

Initial Comment:
Hello, while performing an audit of vde2 
(https://bugs.launchpad.net/ubuntu/+source/vde2/+bug/776818) I found a bug; it 
may even be a security bug. If you decide this is a security issue, please 
contact the linux-distros security list to coordinate a release and request a 
CVE number. (See http://oss-security.openwall.org/wiki/mailing-lists/distros 
for details on using the linux-distros list. Note especially that [vs] is 
required in the Subject: header.)

static void save_pidfile()
{
        if(pidfile[0] != '/')
                strncat(pidfile_path, pidfile, PATH_MAX - strlen(pidfile_path));
        else
                strcpy(pidfile_path, pidfile);


If programs with this definition are executed with -p <more than PATH_MAX 
chars>, the pidfile_path heap array is overflowed and undefined behavior, 
including potential security problems, can result.

This code is duplicated in the following files:

src/vde_autolink.c 
src/vde_pcapplug.c 
src/vde_plug2tap.c 
src/wirefilter.c 
src/kvde_switch/consmgmt.c
src/slirpvde/slirpvde.c 
src/vde_switch/consmgmt.c
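
A bounds-checked way to build the path, as an added example (not part of the original report and not vde2 code). The helper name build_pidfile_path and its base parameter are hypothetical, and the destination is assumed to be a PATH_MAX-byte buffer. Note that strncat() writes up to n characters plus a terminating NUL, so a bound of "size minus current length" is still one byte too large; the sketch sidesteps both calls by using snprintf() and rejecting anything that does not fit.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>

#ifndef PATH_MAX
#define PATH_MAX 4096
#endif

/* Hypothetical helper (not vde2 code): write the pidfile path into out[outsz].
 * base is the directory prefix ending in '/', used only for relative names.
 * Returns 0 on success; -1 with errno = ENAMETOOLONG if the result would not
 * fit, or errno = EINVAL on bad arguments. Never writes past out[outsz - 1]. */
static int build_pidfile_path(char *out, size_t outsz,
                              const char *base, const char *pidfile)
{
    int n;

    if (!out || outsz == 0 || !base || !pidfile || pidfile[0] == '\0') {
        errno = EINVAL;
        return -1;
    }
    if (pidfile[0] == '/')
        n = snprintf(out, outsz, "%s", pidfile);          /* absolute path */
    else
        n = snprintf(out, outsz, "%s%s", base, pidfile);  /* relative path */
    if (n < 0 || (size_t)n >= outsz) {   /* truncated: refuse, do not clip */
        out[0] = '\0';
        errno = ENAMETOOLONG;
        return -1;
    }
    return 0;
}

int main(void)
{
    static char arg[PATH_MAX + 64];   /* constructed over-long -p argument */
    char path[PATH_MAX];

    memset(arg, 'A', sizeof(arg) - 1);
    arg[0] = '/';
    if (build_pidfile_path(path, sizeof(path), "/var/run/", "vde.pid") == 0)
        printf("ok: %s\n", path);
    if (build_pidfile_path(path, sizeof(path), "/var/run/", arg) != 0)
        perror("pidfile");            /* reports: File name too long */
    return 0;
}
```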


_______________________________________________
vde-users mailing list
vde-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vde-users
