This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: FYI - bash crash due to asprintf bug
Eric Blake <ebb9 <at> byu.net> writes:
> The full vulnerability is that on cygwin, any program that uses asprintf with
> cygwin 1.5.22 or earlier, where the result of asprintf is a multiple of 4 but
> not 8 and is greater than 1024, will corrupt the heap.
Oh, and I meant to add that one of these programs is gdb itself. I found it
rather interesting trying to debug the bash coredump when the debugger itself
dumped core due to the same bug.
--
Eric Blake
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/