Entries tagged as bugs
argh code config debian dpkg esr fetchmail troubleshooting acpi announce apple bash c cli file system functions google hacking hacks hardware ipod libacpi linux programming random blurb release releases reverse scripts service shell software stfl text mode tools wtf www yacpi zsh dsa ouch security frustration opera web heise news ntp rant rss annouce fail fix tests php comments fefe suhosin comics compiler cracking dilbert distributors email errm errm? events firefox flame flashsucks fun gcc gpl internet licenses linuxtag monitoring omg openoffice optimization passwords pdf pizza pwsafe rms spam strato sucks uberguru vendors web 2.0 webhosting websites wordpress blogging feed reader newsbeuter phrack podcast radare toy story 25c3 alerts analysis arm attacks awards backdoor browser ccc congress companies compromises conferences configuration convtroversy ctf data mining documentation dos exim exploit fail2ban femtocell flagseverywhere gpg gsm irc javascript key transition mail mobile mobile phones osmocombb pain personal pgp phishing privacy protocols random thoughts scponly setup sfr sftp sms sofware ssh tricks ubiquisys xing xss youtube advertising apache block driver feature features fglrx graphics graphs grml help icecast ii images iptables lazyweb maemo mpd music mutt n900 netscape networking nitrogen nonsense open source openbox partnership patches phone pidgin review scripting specs squeeze streaming stuff testing text tools tip tips trackback wallpaper xinerama dns april bill bugmenot censorship community dotcom faq filesharing flickr howto knowledge links piratebay power retailmenot video w3c web security wikipedia
fail of the day: opera
Posted by Nico Golde in
Wednesday, June 9. 2010
I occasionally make use of the report function in opera in case it crashes (which happens quite often on 64bit for me), but if it crashes right when receiving the response
of the crash reporting website you really start to HATE that piece of software.
(notice Last visited URL)
FAIL! (using 0.60-6351)
of the crash reporting website you really start to HATE that piece of software.
(notice Last visited URL)
FAIL! (using 0.60-6351)
unsafe C functions (CVE-2009-1252)
Posted by Nico Golde in
Tuesday, May 19. 2009
There are a lot of discussions out there whether functions like strcpy are dangerous and shouldn't be used in C programs.
But Heise security made my day:
Beware of the evil printf!
Im rather disappointed by the overall quality of the heise security news anyway but of course they seem to have misread the original advisory and the bug report. They mean sprintf
EDIT: they fixed it
But Heise security made my day:
The problem is caused by the use of the unsafe C function printf in crypto_recv in ntpd/ntp_crypto.c.
Beware of the evil printf!
Im rather disappointed by the overall quality of the heise security news anyway but of course they seem to have misread the original advisory and the bug report. They mean sprintf
EDIT: they fixed it
Debian DSA-1571
Posted by Nico Golde in
Tuesday, May 13. 2008
A lot of people start throwing mud in the direction of Debian and especially the maintainer of openssl because of high impact security issue that was released today: DSA-1571.
Please notice that this was indeed discussed in 2006 with the openssl people before patching the package and it was an openssl.org guy who ACKed this patch after the maintainer asked for their opinion. So please stop blaming random people. Thanks!
Such things happen, so better use your time to fix your systems instead
UPDATE: people complaining about the "fact" that the "wrong" list was used to contact the openssl people, please read this
Please notice that this was indeed discussed in 2006 with the openssl people before patching the package and it was an openssl.org guy who ACKed this patch after the maintainer asked for their opinion. So please stop blaming random people. Thanks!
Such things happen, so better use your time to fix your systems instead
UPDATE: people complaining about the "fact" that the "wrong" list was used to contact the openssl people, please read this
More funny code from fetchmail
Posted by Nico Golde in
Thursday, March 29. 2007
Another nice piece of code made by ESR you know, the guy who writes books about "The art of UNIX programming" for example
From sink.c:
This code will segfault if the fopen call in line 4 fails, sinkfp will become NULL then which leads
to a segfault when writing more than once into it with fprintf/fputs.
What I find funny now is the check in line 17 to test the error indicator for the stream pointed to by sinkfp AFTER actually writing into it.
But what is even more funny is that also the check would segfault in this case since ferror will if it gets a NULL pointer.
From sink.c:
- if (strcmp(ctl->bsmtp, "-") == 0)
- sinkfp = stdout;
- else
- sinkfp = fopen(ctl->bsmtp, "a");
- /* see the ap computation under the SMTP branch */
- need_anglebrs = (msg->return_path[0] != '<');
- fprintf(sinkfp,
- "MAIL FROM:%s%s%s",
- need_anglebrs ? "<" : "",
- (msg->return_path[0]) ? msg->return_path : user,
- need_anglebrs ? ">" : "");
- /* DO SOME UNIMPORTANT STUFF HERE aka ...... CODE STRIPPED */
- fputs("DATA\r\n", sinkfp);
- if (ferror(sinkfp))
- {
- report(stderr, GT_("BSMTP file open or preamble write failed\n"));
- return(PS_BSMTP);
- }
This code will segfault if the fopen call in line 4 fails, sinkfp will become NULL then which leads
to a segfault when writing more than once into it with fprintf/fputs.
What I find funny now is the check in line 17 to test the error indicator for the stream pointed to by sinkfp AFTER actually writing into it.
But what is even more funny is that also the check would segfault in this case since ferror will if it gets a NULL pointer.
Calendar
|
November '15 | |||||
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | ||||||
Quicksearch
Support
Recent Entries
- E-Plus GSM privacy/TMSI allocation leak
- Thursday, October 11 2012
- Exploiting the Ubiquisys/SFR femtocell webserver (wsal/shttpd/mongoose/yassl embedded webserver)
- Wednesday, August 3 2011
- So what happened recently...
- Wednesday, April 6 2011
- Sunday, February 6 2011
- exim remote vulnerability
- Thursday, December 9 2010
- Will my Phone Show An Unencrypted Connection?
- Wednesday, September 8 2010
- smpCTF 2010 quals writeups
- Sunday, August 8 2010
- protocol design fail: MMS notification
- Wednesday, July 28 2010
- acrobat reader stealing my passwords
- Tuesday, June 29 2010
- UnrealIRCd backdoored
- Saturday, June 12 2010
Syndicate This Blog
Categories
Tag cloud
23c3 acpi advertising annouce announce april argh art awards bash blogging bugs c cli code conferences config configuration data mining debconf debian dell dns documentation email errm? events exploit fail fail2ban filesharing films flame fun gcc google graphs grml gsm hacking hacks hardware heise images information installation internet irc knowledge libacpi links linux mobile phones network news newsbeuter omg open source opera passwords php power privacy programming qa random blurb rant release releases rss scripts security service setup shell sms software spam ssh stfl stuff terminal tests text mode tip tips tools troubleshooting unix user video vim.editing web web 2.0 websites wordpress wtf www youtube zsh