scrut(1) buffer overflow #40

New Issue

trinity · 2024-02-02T07:55:34-07:00

trinity commented

2024-02-02 07:55:34 -07:00

There's a buffer overflow in scrut(1); if all possible options are specified once, any additional options will exceed the ops array. See e246290bff/src/scrut.c (L42). This should be a one-line fix, I'm just logging it here so I can get to it later.

This wouldn't occur in normal usage but may have security ramifications (you can write any char in options to other places in memory).

There's a buffer overflow in scrut(1); if all possible options are specified once, any additional options will exceed the ops array. See https://git.tebibyte.media/bonsai/coreutils/src/commit/e246290bff7171144041e8ceba104d49dfcd18a8/src/scrut.c#L42. This should be a one-line fix, I'm just logging it here so I can get to it later. This wouldn't occur in normal usage but may have security ramifications (you can write any char in options to other places in memory).

trinity added the

bug

label 2024-02-02 07:55:34 -07:00

trinity referenced a pull request that will close this issue

2024-02-16 01:16:39 -07:00

scrut(1): fix buffer overflow in option parsing #61

trinity closed this issue

2024-02-17 23:15:50 -07:00

Sign in to join this conversation.