gzip bug w/ patch..
From: greg (gregn@dekode.org)Date: 12/30/01
- Previous message: BrainRawt .: "lastlines.cgi path traversal and command execution vulns"
- Next in thread: Tim J. Robbins: "Re: gzip bug w/ patch.."
- Reply: Tim J. Robbins: "Re: gzip bug w/ patch.."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "greg" <gregn@dekode.org> To: <bugtraq@securityfocus.com> Date: Sun, 30 Dec 2001 14:26:10 -0000
Earlier, Goobles had pointed out a bug in Gzip pertaining to this code in
(gzip.c):
if (len + NLENGTH(dp) + 1 < MAX_PATH_LEN - 1) {
strcpy(nbuf,dir);
if (len != 0 /* dir = "" means current dir on Amiga */
#ifdef PATH_SEP2
while looking through I have found that the real problem lied here in
(gzip.c):
line 1009:
strcpy(ifname, iname);
well anyway, there is an attached patch, bye.
- application/octet-stream attachment: gzip.patch
- Previous message: BrainRawt .: "lastlines.cgi path traversal and command execution vulns"
- Next in thread: Tim J. Robbins: "Re: gzip bug w/ patch.."
- Reply: Tim J. Robbins: "Re: gzip bug w/ patch.."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
