[Pkg-blender-maintainers] Bug#332413: CAN-2005-3151: Bufferoverflow
in blenderplayer arg parsing
Cyril Brulebois
cyril.brulebois at enst-bretagne.fr
Tue Dec 26 16:13:48 CET 2006
Moritz Muehlenhoff <jmm at inutil.org> (12/09/2006):
> is this resolved in current Blender releases? It's only exploitable in
> rare corner cases, but still it would be nice to have it fixed in
> Etch.
Hi,
I tried to reproduce this exploit on both sarge and sid (with blender
2.36 and 2.42 respectively, on an i386 platform, since the asm code
isn't OK on powerpc, just in case that matters), without any success (if
I understand well what should happen): a segfault happens in both cases.
I'm not sure about the conclusions that one could get after this tiny
experiment, though...
Cheers,
--
Cyril Brulebois
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-blender-maintainers/attachments/20061226/8d1c8467/attachment-0001.pgp
More information about the Pkg-blender-maintainers
mailing list