Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Wed, 1 Jan 2003 12:06:14 -0500 From: Christopher Faylor To: cygwin AT cygwin DOT com Subject: Re: Heads up: *possible* bug in cygwin Message-ID: <20030101170613.GA19419@redhat.com> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <20030101100510 DOT 5b5b7f3f DOT steven DOT obrien2 AT ntlworld DOT com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030101100510.5b5b7f3f.steven.obrien2@ntlworld.com> User-Agent: Mutt/1.5.1i On Wed, Jan 01, 2003 at 10:05:10AM +0000, Steven O'Brien wrote: >Hi >I found a possible glib buffer overflow that is cygwin-specific (due to >a bug in cygwin perhaps?) that I worked around when porting glib-1.2.10 >to cygwin. Maybe this is still a problem in glib-2.0.x > >In glib-1.2.10, gutils.c: g_get_any_init (void), the current user >details are obtained from /etc/passwd. This code is called as part of >glib initialisation, whether the app wants this data or not. It uses >sysconf (_SC_GETPW_R_SIZE_MAX) to decide how much buffer to allocate for >this data. But on cygwin this appears broken, and the call to getpwuid_r >(getuid (), &pwd, buffer, bufsize, &pw) *may* overrun buffer, depending >on the length of the line in /etc/passwd for the current user. It's not broken. It is not implemented. If glib is incorrectly dealing with a negative return from sysconf then, um, hmm... cgf -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/