* [9front] critical bug in libc's idn2utf()
@ 2021-10-31 16:25 cinap_lenrek
0 siblings, 0 replies; only message in thread
From: cinap_lenrek @ 2021-10-31 16:25 UTC (permalink / raw)
To: 9front
I just pushed a fix for a stack buffer-overflow bug
in libc's idn2utf() function to convert a punycode
domain name into utf-8.
The bug existed in all releases starting from:
Date: Tue Sep 25 20:14:25 +0200 2018
The following programs are affected:
ip/ipconfig
ndb/dns
webfs
It is highly recommended to sysupdate and rebuild the
whole system *NOW*, including the kernel as ip/ipconfig
is included in the kernels bootfs image.
you can see if you are affected by running the following:
term% hget http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
webfs 8183: suicide: sys: trap: fault write addr=0x0 pc=0x20ddec
--
cinap
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-11-01 9:12 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-31 16:25 [9front] critical bug in libc's idn2utf() cinap_lenrek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).