GNU bug report logs - #30160
cat buffer overflow?

Previous Next

Package: coreutils;

Reported by: Rdrpenguin Minecraft and More <rdrpenguin04 <at> gmail.com>

Date: Thu, 18 Jan 2018 16:27:02 UTC

Severity: normal

Tags: notabug

Done: Bernhard Voelker <mail <at> bernhard-voelker.de>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 30160 in the body.
You can then email your comments to 30160 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-coreutils <at> gnu.org:
bug#30160; Package coreutils. (Thu, 18 Jan 2018 16:27:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Rdrpenguin Minecraft and More <rdrpenguin04 <at> gmail.com>:
New bug report received and forwarded. Copy sent to bug-coreutils <at> gnu.org. (Thu, 18 Jan 2018 16:27:03 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Rdrpenguin Minecraft and More <rdrpenguin04 <at> gmail.com>
To: bug-coreutils <at> gnu.org
Subject: cat buffer overflow?
Date: Thu, 18 Jan 2018 06:31:05 -0600

[Message part 1 (text/plain, inline)]
If 'cat' is run with a big enough file, say /dev/sda, the terminal gets
corrupted. This corruption may also extend beyond the terminal.

Steps to reproduce:
1. Run '/bin/cat /dev/sda'.
2. Wait from 2 to 3 minutes.
3. Ctrl-C to exit.
4. Observe corrupted terminal

This was tested on gnome-terminal in Ubuntu 16.04. It may or may not happen
in other terminals / flavors, and it may produce different errors too.

[Message part 2 (text/html, inline)]
Information forwarded to bug-coreutils <at> gnu.org:
bug#30160; Package coreutils. (Fri, 19 Jan 2018 08:21:01 GMT) Full text and rfc822 format available.

Message #8 received at 30160 <at> debbugs.gnu.org (full text, mbox):

From: Bernhard Voelker <mail <at> bernhard-voelker.de>
To: Rdrpenguin Minecraft and More <rdrpenguin04 <at> gmail.com>,
 30160 <at> debbugs.gnu.org, GNU bug control <control <at> debbugs.gnu.org>
Subject: Re: bug#30160: cat buffer overflow?
Date: Fri, 19 Jan 2018 09:20:30 +0100

tag 30160 notabug
close 30160
stop

On 01/18/2018 01:31 PM, Rdrpenguin Minecraft and More wrote:
> If 'cat' is run with a big enough file, say /dev/sda, the terminal gets
> corrupted. This corruption may also extend beyond the terminal.
> 
> Steps to reproduce:
> 1. Run '/bin/cat /dev/sda'.
> 2. Wait from 2 to 3 minutes.
> 3. Ctrl-C to exit.
> 4. Observe corrupted terminal
> 
> This was tested on gnome-terminal in Ubuntu 16.04. It may or may not happen
> in other terminals / flavors, and it may produce different errors too.

It is pretty clear that the terminal is messed up when someone writes random binary
data to it.  You're way better of using less(1) to prevent getting potentially
dangerous control sequences to the terminal.
If you really want to display the content of /dev/sda in a terminal, you could
maybe also use cat's -v or -A options, but I wonder if someone really could read
that fast.

Finally, you didn't proof that something is wrong with 'cat'.
Thus I'm closing this as 'not a bug' in our bug tracker.

Have a nice day,
Berny
Added tag(s) notabug. Request was from Bernhard Voelker <mail <at> bernhard-voelker.de> to control <at> debbugs.gnu.org. (Fri, 19 Jan 2018 08:21:02 GMT) Full text and rfc822 format available.
bug closed, send any further explanations to 30160 <at> debbugs.gnu.org and Rdrpenguin Minecraft and More <rdrpenguin04 <at> gmail.com> Request was from Bernhard Voelker <mail <at> bernhard-voelker.de> to control <at> debbugs.gnu.org. (Fri, 19 Jan 2018 08:21:02 GMT) Full text and rfc822 format available.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Fri, 16 Feb 2018 12:24:06 GMT) Full text and rfc822 format available.
This bug report was last modified 7 years and 186 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.