Summary: | <dev-lang/ruby-1.9.1_p376 String#ljust, #center, #rjust Heap-based buffer overflow (CVE-2009-4124) | |
---|---|---|---
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li>
Component: | Vulnerabilities | Assignee: | Gentoo Security <security>
Status: | RESOLVED FIXED | |
Severity: | trivial | CC: | ruby, spatz
Priority: | High | |
Version: | unspecified | |
Hardware: | All | |
OS: | Linux | |
URL: | http://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string/ | |
Whiteboard: | ~2 [noglsa] | |
Package list: | | Runtime testing required: | ---
Description
Alex Legler (RETIRED)
Just tried to version bump to p376 with the patches from p243. All tests pass but one:

```
#378 test_thread.rb:191:in `<top (required)>':
   begin
     100.times do |i|
       begin
         Thread.start(Thread.current) {|u| u.raise }
         raise
       rescue
       ensure
       end
     end
   rescue
     100
   end
#=> "" (expected "100")  [ruby-dev:31371]
FAIL 1/945 tests failed
```

CVE-2009-4124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4124): Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third party information.

p376 is in the tree. Masked and never stable → noglsa.