Bug#747006: net-tools: Buffer overflow detected by libc in 'route' command
Martín Ferrari
tincho at tincho.org
Mon May 12 02:12:36 UTC 2014
On 04/05/14 20:00, Alan Fisher wrote:
> In this example, when 'route' is run with the fourth argument
> (0123456789abcdef) >= 16 characters, a buffer overrun occurs.
>
> # route add -6 default 0123456789abcdef
It seems that all parameters are exposed to buffer overflows:
$ ./route add -6 $(perl -e 'print "a"x128') foo
*** buffer overflow detected ***: ./route terminated
The code is using strcpy, I will produce a patch for this, but I'd
strongly recommend you to use iproute instead.
Thanks for reporting!
--
Martín Ferrari (Tincho)
More information about the Pkg-net-tools-maintainers
mailing list