Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 232005 (CVE-2008-3196) - dev-util/yacc skeleton.c rule reduction stack error (CVE-2008-3196)
Summary: dev-util/yacc skeleton.c rule reduction stack error (CVE-2008-3196)
Alias: CVE-2008-3196
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [noglsa]
Depends on:
Reported: 2008-07-16 21:20 UTC by Robert Buchholz (RETIRED)
Modified: 2011-10-20 04:57 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

yacc-skeleton.c-CVE-2008-3196.patch (yacc-skeleton.c-CVE-2008-3196.patch,1.15 KB, patch)
2008-07-16 21:55 UTC, Robert Buchholz (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-07-16 21:20:22 UTC
CVE-2008-3196 (
  skeleton.c in yacc does not properly handle reduction of a rule with an empty
  right hand side, which allows context-dependent attackers to cause an
  out-of-bounds stack access when the yacc stack pointer points to the end of
  the stack.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-07-16 21:22:40 UTC
OpenBSD Patch:
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2008-07-16 21:30:23 UTC
This might also affect
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-07-16 21:55:49 UTC
Created attachment 160604 [details, diff]
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2008-07-16 21:57:57 UTC
ocaml was a false positive
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2008-07-16 22:03:54 UTC
same for btyacc.
byacc is affected, so we have two maintainer-needed packages for this.

Since yacc input should be trusted input anyway (it will create code to be run), I am tempted to call this a non-issue.
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-10-04 18:57:54 UTC
I have bumped the two packages, let's stable this on 2008-10-11 if no bugs pop up.
Comment 7 Robert Buchholz (RETIRED) gentoo-dev 2008-10-22 19:14:54 UTC
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"

Target keywords : "alpha amd64 ia64 ppc ppc64 s390 sparc x86"
Comment 8 Ferris McCormick (RETIRED) gentoo-dev 2008-10-22 19:41:58 UTC
Sparc stable for yacc-1.9.1-r4 and byacc-1.9-r2.  I also fixed a couple quoting problems ${FILESDIR} --> "${FILESDIR}" in byacc-1.9-r2 (I didn't bother with -1.9 or 1-9-r1).

Curious that even though yacc is part of the originil Unix, I think, it still does not come with a test phase.
Comment 9 Markus Meier gentoo-dev 2008-10-23 18:23:48 UTC
amd64/x86 stable
Comment 10 Tobias Scherbaum (RETIRED) gentoo-dev 2008-10-23 18:34:32 UTC
ppc stable
Comment 11 Raúl Porcel (RETIRED) gentoo-dev 2008-10-24 09:05:09 UTC
alpha/ia64 stable
Comment 12 Jeroen Roovers (RETIRED) gentoo-dev 2008-10-24 21:52:42 UTC
Stable for HPPA.
Comment 13 Brent Baude (RETIRED) gentoo-dev 2008-10-27 20:04:55 UTC
ppc64 done
Comment 14 Tobias Heinlein (RETIRED) gentoo-dev 2008-11-05 08:49:03 UTC
Ready for vote, I vote NO.
Comment 15 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-11-05 11:23:14 UTC
voting NO too and closing.