Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 263413 - net-misc/mmsclient-0.0.3-r1: buffer overflows
Summary: net-misc/mmsclient-0.0.3-r1: buffer overflows
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
Whiteboard: B2 [maskglsa] (CVE requested) Pending...
Keywords: PMASKED
Depends on:
Reported: 2009-03-22 20:47 UTC by Harald van Dijk (RETIRED)
Modified: 2013-07-07 12:48 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Harald van Dijk (RETIRED) gentoo-dev 2009-03-22 20:47:43 UTC
Hi folks,

Take a look at mmsclient's client.c:

Line 28: #define BUF_SIZE 102400
Line 470: char data[1024];
Line 551: len = read (s, data, BUF_SIZE) ;

This blew up for me for obvious reasons, and may be exploitable on other systems. Changing the buffer length fixes my problem, but I have not checked if mmsclient contains other problems, so I thought I'd ask you security guys what you want to do about it. Do you want to get this fixed this now or wait and check the rest of the code first?
Comment 1 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-04-01 12:03:27 UTC
Thanks for the report. The first thing to do would be to report this upstream. Did you contact them already?
Comment 2 Harald van Dijk (RETIRED) gentoo-dev 2009-04-01 17:17:56 UTC
No, there is no upstream for mmsclient that I know of.
Comment 3 Harald van Dijk (RETIRED) gentoo-dev 2009-04-28 19:52:35 UTC
@security, you asked me to bring security issues to folks like you first, but the result is that it's been over a month now for something that I would've otherwise fixed in the tree directly. Could you take a look at this, please?
Comment 4 Stefan Behte (RETIRED) gentoo-dev Security 2009-11-06 15:19:29 UTC
It's in the unstable, tree and it seems, that no one cared to look, sorry.

It's public via Bug #284747.
Comment 5 Stefan Behte (RETIRED) gentoo-dev Security 2009-11-09 17:16:47 UTC
mmsclient will be removed.

*** This bug has been marked as a duplicate of bug 284747 ***
Comment 6 Stefan Behte (RETIRED) gentoo-dev Security 2009-12-10 20:46:37 UTC
No need to keep this closed. Whiteboard was incorrectly changed by me, so I'm reopening; we need a GLSA as there was a stable version.
Comment 7 Stefan Behte (RETIRED) gentoo-dev Security 2009-12-10 20:48:15 UTC
Sorry for bugspam...