[9558] in bugtraq
Re: NT too? Re: Another Windows98 Bug...
daemon@ATHENA.MIT.EDU (Eric Stevens)
Sat Feb 13 17:00:13 1999
Date: Sat, 13 Feb 1999 11:36:40 -0500
Reply-To: Eric Stevens <ejsteven@CS.MILLERSV.EDU>
From: Eric Stevens <ejsteven@CS.MILLERSV.EDU>
X-To: Clifford Hammerschmidt <chammers@PIM.BC.CA>
To: BUGTRAQ@NETSPACE.ORG
This doesn't seem to affect service pack 4.
>The following perl script will create a 250 character file that will crash
>WinNT (service pack 3) explorer when right-clicked on:
>--------------------
>$fn = 'A' x 250;
>open (FH,">$fn") or die ":$!\n";
>print FH "it worked?";
>close FH;
>--------------------
>
>You may have to create the file inside a subdirectory. I think what is
>happening here is the path+filename exceeds MAX_PATH.
>
>To delete the file drop to a command window and delete it using it's
>shortname (dir /X will display shortnames).
>
>At 05:49 PM 2/9/98 -0800, you wrote:
>>>>>
>I'm not sure about the details of this problem, but when testing another
>buffer overflow, I created a long filename called "testfile.txt
>
>
> "
>(note the chr(160)'s at the end) It is 235 characters in length. After
>creating it on my desktop, I right clicked on it; explorer crashed saying
>it caused an illegal operation. the only way I found to close this was by
>using command.com I sent this to a friend and he got the same error.
>
> -Scott Campbell (<mailto:smc@visuallink.com>smc@visuallink.com)
>
><<<<
>
