Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 37199 Details for
Bug 60034
net-im/gaim MSN Protocol Parsing Function Multiple Overflows
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Rats log for assessing the security issues.
rats.log (text/plain), 2.78 KB, created by
Chris White (RETIRED)
on 2004-08-11 00:27:03 UTC
(
hide
)
Description:
Rats log for assessing the security issues.
Filename:
MIME Type:
Creator:
Chris White (RETIRED)
Created:
2004-08-11 00:27:03 UTC
Size:
2.78 KB
patch
obsolete
>Entries in perl database: 33 >Entries in python database: 62 >Entries in c database: 334 >Entries in php database: 55 >Analyzing cmdproc.c >Analyzing command.c >Analyzing directconn.c >Analyzing error.c >Analyzing group.c >Analyzing history.c >Analyzing httpmethod.c >Analyzing msg.c >Analyzing msn.c >Analyzing nexus.c >Analyzing notification.c >Analyzing object.c >Analyzing page.c >Analyzing servconn.c >Analyzing session.c >Analyzing slp.c >Analyzing slpcall.c >Analyzing slplink.c >Analyzing slpmsg.c >Analyzing slpsession.c >Analyzing state.c >Analyzing switchboard.c >Analyzing sync.c >Analyzing table.c >Analyzing transaction.c >Analyzing user.c >Analyzing userlist.c >Analyzing utils.c >directconn.c:88: High: fixed size local buffer >error.c:30: High: fixed size local buffer >error.c:234: High: fixed size local buffer >msn.c:82: High: fixed size local buffer >msn.c:408: High: fixed size local buffer >msn.c:1225: High: fixed size local buffer >msn.c:1566: High: fixed size local buffer >nexus.c:37: High: fixed size local buffer >notification.c:152: High: fixed size local buffer >notification.c:184: High: fixed size local buffer >notification.c:270: High: fixed size local buffer >notification.c:723: High: fixed size local buffer >notification.c:724: High: fixed size local buffer >notification.c:725: High: fixed size local buffer >notification.c:1063: High: fixed size local buffer >servconn.c:300: High: fixed size local buffer >servconn.c:456: High: fixed size local buffer >slp.c:641: High: fixed size local buffer >slplink.c:255: High: fixed size local buffer >user.c:139: High: fixed size local buffer >utils.c:80: High: fixed size local buffer >utils.c:136: High: fixed size local buffer >utils.c:173: High: fixed size local buffer >utils.c:174: High: fixed size local buffer >Extra care should be taken to ensure that character arrays that are allocated >on the stack are used safely. They are prime targets for buffer overflow >attacks. > >notification.c:748: High: strcat >Check to be sure that argument 2 passed to this function call will not copy >more data than can be handled, resulting in a buffer overflow. > >directconn.c:282: Medium: read >directconn.c:321: Medium: read >servconn.c:307: Medium: read >Check buffer boundaries if calling this function in a loop and make sure you are not in danger of writing past the allocated space. > >slpmsg.c:100: Medium: stat >A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is >the first line where a check has occured. >The following line(s) contain uses that may match up with this check: >98 (fopen) > >user.c:129: Medium: stat >A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is >the first line where a check has occured. >The following line(s) contain uses that may match up with this check: >133 (fopen) > >Total lines analyzed: 12027 >Total time 0.030056 seconds >400153 lines per second
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=37199">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 60034
: 37199
