bug-inetutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-inetutils] Buffer overflow for gnu inetutils telnetd

From: Chris Severance
Subject: Re: [bug-inetutils] Buffer overflow for gnu inetutils telnetd
Date: Tue, 11 Jul 2017 14:45:52 -0400 
Try compiling with -fstack-protector-strong. If that's not enough you'll
need to add -fstack-protector-strong to your glibc. The easiest way to
do that is to install an Arch based distro and install inetutils-git
from the AUR with the patch removed.

https://aur.archlinux.org/packages/inetutils-git/

All you're going to see is a crash which isn't very interesting.

The patch works. I see sizeof is why just changing the buffer size did
not produce a useful result.

On Tue, Jul 11, 2017, at 12:18 PM, Alfred M. Szmidt wrote:
> The right way to fix this is to not repeat the same gibberish code 7
> times, and then having a sensible test that checks the output.  Which
> is exactly why I asked a means to reproduce the problem.  That is not
> at all provided by the original bug report!
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]