[2198] in bugtraq
libc.so patch for SunOS revision
daemon@ATHENA.MIT.EDU (Doug Hughes)
Mon Sep 4 14:22:41 1995
Date: Sat, 2 Sep 1995 20:28:24 -0500
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
X-To: academic-firewalls@net.tamu.edu, bugtraq@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
There was a bug in the snprintf code that I was using the for libc.so
patch which would cause cron to crash under certain circumstances. The
bug was because cron was passing a zero length string in a %s statement.
I've fixed this particular/peculiar bug, and the latest version is available
at the same place as the previous one.
ftp.eng.auburn.edu:ftp/pub/doug/libc.so.1.9
(snprintf.c and syslog.c are also available for those who like to build
shared object libraries themselves and see the code in question)
Could someone forward this to the "Best-of" suburbia list? I seem to have
misplaced the address.
Same disclaimer applies. There may be more bugs in this, but at least
it patches the whopper security hole. Everything else about it seems
to be working fine, and should be okay until Sun releases their official
patch.
My OS - SunOS4.1.3_U1B
I know at least 3 people who have this patch installed, and I hope they
see this message.
