2582 – security hole in lib/libc/nls/msgcat.c

Bug 2582 - security hole in lib/libc/nls/msgcat.c

Summary: security hole in lib/libc/nls/msgcat.c

Attachments
file.diff (662 bytes, patch) 1997-01-25 16:50 UTC, Julian Assange	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Julian Assange 1997-01-25 16:50:01 UTC

	exploitable stack over-run in catopen(3)

Fix: ignore env if [gu]id!=e[gu]id

Comment 1 mpp freebsd_committer

1997-01-26 07:11:50 UTC

Responsible Changed
From-To: gnats-admin->freebsd-bugs

Misfiled PR.

Comment 2 Bill Fenner freebsd_committer

1997-01-27 18:31:52 UTC

Responsible Changed
From-To: freebsd-bugs->freebsd-bugs

It didn't.

Comment 3 Warner Losh freebsd_committer

1997-02-09 06:41:53 UTC

Responsible Changed
From-To: freebsd-bugs->imp

I'm going to fix this

Comment 4 Warner Losh freebsd_committer

1997-03-24 06:15:18 UTC

State Changed
From-To: open->closed


fixed in msgcat.c 1.8