GNU bug report logs -
#59544
[PATCH] Fixed lib-src/etags.c command execute vulnerability
Previous Next
Reported by: "lux" <lx <at> shellcodes.org>
Date: Thu, 24 Nov 2022 15:28:02 UTC
Severity: normal
Tags: patch, security
Done: Eli Zaretskii <eliz <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #58 received at 59544 <at> debbugs.gnu.org (full text, mbox):
> Date: Sat, 26 Nov 2022 18:41:22 +0800
> Cc: 59544 <at> debbugs.gnu.org
> From: lux <lx <at> shellcodes.org>
>
> > We've lived with this "security issue" for decades, so I see nothing here that justifies
> > "ASAP".
> Maybe someone found it, but didn't publish it?
Fixing it will not magically remove the problem from all the Emacs
installations out there, will it? It will only help to people who track the
master branch and rebuild Emacs very frequently on top of that.
So the urgency of fixing it is not measured in hours anyway.
> for example, the lib-src/ntlib.c:
>
> char *
> cuserid (char * s)
> {
> char * name = getlogin ();
> if (s)
> return strcpy (s, name ? name : "");
> return name;
> }
>
> before calling the strcpy function, the memory size of the pointer s is
> not checked, which may destroy the memory space. So, I want to replace
> it with a safe function, any suggestions?
The above function doesn't seem to be called anywhere in Emacs, so making it
better is a waste of energy. It should probably be removed.
This bug report was last modified 2 years and 129 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.