[9front] critical bug in libc's idn2utf()

9front - general discussion about 9front
 help / color / mirror / Atom feed

* [9front] critical bug in libc's idn2utf()
@ 2021-10-31 16:25 cinap_lenrek
  0 siblings, 0 replies; only message in thread
From: cinap_lenrek @ 2021-10-31 16:25 UTC (permalink / raw)
  To: 9front

I just pushed a fix for a stack buffer-overflow bug
in libc's idn2utf() function to convert a punycode
domain name into utf-8.

The bug existed in all releases starting from:

Date:	Tue Sep 25 20:14:25 +0200 2018

The following programs are affected:

ip/ipconfig
ndb/dns
webfs

It is highly recommended to sysupdate and rebuild the
whole system *NOW*, including the kernel as ip/ipconfig
is included in the kernels bootfs image.

you can see if you are affected by running the following:

term% hget http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
webfs 8183: suicide: sys: trap: fault write addr=0x0 pc=0x20ddec

--
cinap

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2021-11-01  9:12 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-31 16:25 [9front] critical bug in libc's idn2utf() cinap_lenrek

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).