RE: [Full-Disclosure] cmd.exe bug in win2k sp4 in "for" loop

From: Aditya, ALD [Aditya Lalit Deshmukh] (
Date: 08/21/04

  • Next message: Aditya, ALD [Aditya Lalit Deshmukh]: "RE: [Full-Disclosure] Possible dialer on"
    To: "Maxime Ducharme" <>, <>, "Full-Disclosure@Lists. Netsys. Com" <>
    Date: Sat, 21 Aug 2004 17:56:27 +0530

    thanks for the link that was what i *really* needed!


    -----Original Message-----
    []On Behalf Of Maxime
    Sent: Tuesday, August 17, 2004 08:25 PM
    To:; Full-Disclosure@Lists. Netsys. Com
    Subject: Re: [Full-Disclosure] cmd.exe bug in win2k sp4 in "for" loop

    Hi Aditya,
        this is not a bug, but normal operation of
    msdos command interpreter.

    There is a concept of different outputs for
    normal output and errors.

    They are called "stdout" and "stderr".

    stdout = 1
    stderr = 2

    When you redirect a program's output, you may
    specifiy which output you want (stdin or stderr).

    By default stdout is used, so a "1" is added before
    the redirections ">" or ">>".

    If you want to catch errors, you need to specify
    stderr output like this :

    echo "ello" 2>>stderr.log

    You may also catch each of them like this :

    echo "ello" 1>>stdout.log 2>>stderr.log

    You may find more details here :

    This is XP details, but I think it is the same behavior on NT, 2K and 2003.

    Have a nice day

    Maxime Ducharme
    Programmeur / Spécialiste en sécurité réseau

    ----- Original Message -----
    From: Aditya, ALD [Aditya Lalit Deshmukh]
    To: Full-Disclosure@Lists. Netsys. Com
    Sent: Tuesday, August 17, 2004 1:31 AM
    Subject: [Full-Disclosure] cmd.exe bug in win2k sp4 in "for" loop

    On windows 2000 SP4 the command processor cmd.exe has a small bug in the for
    loop see the attached image, this is making all the bat file go crazy with
    the output see the selected potions....

    is this a known bug, with a patch ? can it be reproduced on other NT/2k/XP/3
    versions of windows ?


    Full-Disclosure - We believe in it.

    Delivered using the Free Personal Edition of Mailtraq (

    Full-Disclosure - We believe in it.

  • Next message: Aditya, ALD [Aditya Lalit Deshmukh]: "RE: [Full-Disclosure] Possible dialer on"

    Relevant Pages

    • Re: Bug in win xp: Auto-detaching modeless dialog.
      ... Destroying the dialog is important whether there is a bug or not. ... >I don't think that windows API cares about design flaws. ... >> The whole loop with a sleep in it is a colossal blunder. ... My program does some time consuming calculations and from ...
    • Re: A Beginner:Why is my program always returning true?
      ... and see what happens to find the third bug. ... This loop needs to scan increasingly higher indexes in the two strings yet ... Here's a simple rewrite to clean up the loops (without fixing your final ... goal here is always clear bug-free code first, and efficiency second. ...
    • Re: [PATCH] Avoid buffer overflows in get_user_pages()
      ... In particular, "len" is a signed int, and it is only checked at the ... So, if it is passed in as zero, the loop ... I think that, if get_user_pageshas been asked to grab zero pages, ... Which is a bug, and you want to catch it. ...
    • Re: strlen(), K+1: clarification
      ... for loop, the all-important for loop bound, rather than obscure it in ... means that you have a bug. ... Because of the design errors in the C ... a lot of errors in an interview if the interviewee admits/notices ...
    • Re: Grep and mv
      ... It looks like I have found a big bug ... neither mv nor cp work in a for do done loop ... The little test script above tells the tale. ... And mv does not like attempted work arounds. ...