[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: buffer overflow in GNU tar-1.13
From: |
Bernhard Rosenkraenzer |
Subject: |
Re: buffer overflow in GNU tar-1.13 |
Date: |
Fri, 19 Jan 2001 16:37:37 +0100 (CET) |
On Fri, 19 Jan 2001, Antonomasia wrote:
> GNU tar-1.13 contains a buffer overflow in output filenames where rsh
> (or similar commands) are called. (The rsh connection is not required
> to succeed to demonstrate this bug.)
Current versions of tar (1.13.17, 1.13.18) are not affected.
bash-2.04$ tar cvf localhost:/`perl -e 'print "A"x5000;'` /tmp tar:
localhost\:/AAAAAAAAAAAA[...]A:
Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
LLaP
bero