public inbox for gcc-prs@sourceware.org
help / color / mirror / Atom feed
* Re: ada/5903: Buffer overflow in temporary file creation
@ 2003-05-10 21:36 Dara Hazeghi
0 siblings, 0 replies; 3+ messages in thread
From: Dara Hazeghi @ 2003-05-10 21:36 UTC (permalink / raw)
To: nobody; +Cc: gcc-prs
The following reply was made to PR ada/5903; it has been noted by GNATS.
From: Dara Hazeghi <dhazeghi@yahoo.com>
To: gcc-gnats@gcc.gnu.org, fw@deneb.enyo.de
Cc:
Subject: Re: ada/5903: Buffer overflow in temporary file creation
Date: Sat, 10 May 2003 14:31:27 -0700
http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view%20audit-
trail&database=gcc&pr=5903
Hello,
gcc 3.1 is quite old. Would it be possible for you to determine if this
problem is still present on a more current version (ie 3.2.3)? Thanks,
Dara
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: ada/5903: Buffer overflow in temporary file creation
@ 2003-05-12 0:26 Dara Hazeghi
0 siblings, 0 replies; 3+ messages in thread
From: Dara Hazeghi @ 2003-05-12 0:26 UTC (permalink / raw)
To: nobody; +Cc: gcc-prs
The following reply was made to PR ada/5903; it has been noted by GNATS.
From: Dara Hazeghi <dhazeghi@yahoo.com>
To: gcc-gnats@gcc.gnu.org
Cc:
Subject: Re: ada/5903: Buffer overflow in temporary file creation
Date: Sun, 11 May 2003 17:16:11 -0700 (PDT)
--- Florian Weimer <fw@deneb.enyo.de> wrote:
> Dara Hazeghi <dhazeghi@yahoo.com> writes:
>
> > gcc 3.1 is quite old. Would it be possible for you
> to determine if
> > this problem is still present on a more current
> version (ie 3.2.3)?
>
> The bug is not properly fixed.
__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* ada/5903: Buffer overflow in temporary file creation
@ 2002-03-10 1:46 fw
0 siblings, 0 replies; 3+ messages in thread
From: fw @ 2002-03-10 1:46 UTC (permalink / raw)
To: gcc-gnats
>Number: 5903
>Category: ada
>Synopsis: Buffer overflow in temporary file creation
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: unassigned
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Mar 10 01:46:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: fw@deneb.enyo.de
>Release: 3.1 20020308 (prerelease), 3.2 20020308 (experimental)
>Organization:
>Environment:
i686-pc-linux-gnu
>Description:
There is a buffer overflow bug in adaint.c:__gnat_tmp_name() (inside the #ifdef linux).
This bug could lead to unsafe setuid/setgid programs on GNU/Linux systems.
>How-To-Repeat:
>Fix:
Limit the length of the string copied from the TMPDIR environment variable.
>Release-Note:
>Audit-Trail:
>Unformatted:
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-05-12 0:26 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-05-10 21:36 ada/5903: Buffer overflow in temporary file creation Dara Hazeghi
-- strict thread matches above, loose matches on Subject: below --
2003-05-12 0:26 Dara Hazeghi
2002-03-10 1:46 fw
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).