FYI - bash crash due to asprintf bug
Eric Blake
ebb9@byu.net
Wed Nov 29 21:24:00 GMT 2006
Eric Blake <ebb9 <at> byu.net> writes:
> The full vulnerability is that on cygwin, any program that uses asprintf with
> cygwin 1.5.22 or earlier, where the result of asprintf is a multiple of 4 but
> not 8 and is greater than 1024, will corrupt the heap.
Oh, and I meant to add that one of these programs is gdb itself. I found it
rather interesting trying to debug the bash coredump when the debugger itself
dumped core due to the same bug.
--
Eric Blake
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list