11734 – ermixer minor flaw

Bug 11734 - ermixer minor flaw

Summary: ermixer minor flaw

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	x86 Linux

Importance:	Lowest minor
Assignee:	Arcady Genkin (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2002-12-07 13:26 UTC by Ivan Tonizza
Modified:	2003-02-04 19:42 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ivan Tonizza 2002-12-07 13:26:22 UTC

there exist some minor flaws in the code of ermixer:
1* the files opened are not checked to be a real device/file and this can 
(unlikely) be a problem if someone really bad makes nasty symlinks...

2* conf = fopen(pathname, "w");
if pathname specified is longer than PATH_MAX the trailing .profile will be 
cutted away without error checking

3) the parser for the config has several flow , one of these is a non stack 
based buffer overflow in devs[y]

4) deleteFile has the same problem of truncating .profile at the end

those are minor flaws but i think that this piece of software doesn't act as 
someone is expecting in race conditions... so maybe it's a good idea to fix it 
instead of bothering about 'this is not a security problem if you don't suid 
it'.
Not all bugs are security problems :)

tnx for your time

Comment 1 Arcady Genkin (RETIRED) gentoo-dev

2002-12-12 04:13:17 UTC

Okay, but wouldn't it be better to report these upstream to ermixer developers?
 You can file a bug report with them at http://sourceforge.net/projects/ermixer/

Comment 2 Arcady Genkin (RETIRED) gentoo-dev

2002-12-12 17:04:40 UTC

My feeling is that I don't want to maintain a local patch for the application,
unless it's warranted by security considerations.