[728] in linux-security and linux-alert archive
[linux-security] atoi et al
daemon@ATHENA.MIT.EDU (Dave G.)
Sat May 11 12:44:16 1996
From: "Dave G." <daveg@escape.com>
To: zarquon@popalex1.linknet.net
Date: Fri, 10 May 1996 14:49:25 -0400 (EDT)
Cc: linux-security@tarsier.cv.nrao.edu
I have done some playing around with this, and while I am able to get
ircII 2.8.2 w/ libc 5.0.9 to give a bus error, I have not been able to
get atoi() to crash in any way. Can you or anyone else please confirm
that it is atoi()?
Theoretically, this should cause a segmentation fault on any system with
a buggy atoi():
---
/* This program is silly, and was written with my mail editor. I
do not garuntee anything, and if you use it somewhere let me know,
and please strip my name out first :)
Dave G. <daveg@escape.com>
*/
#include <stdio.h>
#define BIGNUMBER 300
main()
{
char big_hairy_lobster[BIGNUMBER];
int i;
for (i=0;i<BIGNUMBER;i++)
big_hairy_lobster[i]='0';
big_hairy_lobster[i]='\0';
/* Our Big Hairy Lobster is now one big zero */
atoi(big_hairy_lobster);
/* Unless I am missing something this is the only way of calling
atoi(), and should(?) cause it to crash */
}
