* [PR PATCH] expect 5.45.4_3: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 12:20 UTC
To: ml
There is a new pull request by shahab-vahedi against master on the void-packages repository
https://github.com/shahab-vahedi/void-packages expect-fix
https://github.com/void-linux/void-packages/pull/26861
expect 5.45.4_3: Fix the buffer overflow while logging
There is a buffer overflow issue with "expect" when you run it
with "--debug" flag and the expected string is too big [1].
This patch was already proposed 7 years ago [2] but never found
its way upstream. Other distros also fix it locally [3]. It's
time we have it fixed in Void Linux as well.
[1] Bug 26986 - *** buffer overflow detected ***: expect terminated
https://sourceware.org/bugzilla/show_bug.cgi?id=26986
[2] Expect / Bugs / #95 buffer overflow in exp_log.c
https://sourceforge.net/p/expect/bugs/95/
[3] fedora fixing the overflow in expect
https://src.fedoraproject.org/rpms/expect/blob/master/f/expect-5.45-exp-log-buf-overflow.patch
A patch file from https://github.com/void-linux/void-packages/pull/26861.patch is attached
From 4cc9e9af87ec97308176a694e7b408820108e9ed Mon Sep 17 00:00:00 2001
From: Shahab Vahedi <shahab.vahedi@gmail.com>
Date: Tue, 1 Dec 2020 13:04:15 +0100
Subject: [PATCH] expect 5.45.4_3: Fix the buffer overflow while logging
There is a buffer overflow issue with "expect" when you run it
with "--debug" flag and the expected string is too big [1].
This patch was already proposed 7 years ago [2] but never found
its way upstream. Other distros also fix it locally [3]. It's
time we have it fixed in Void Linux as well.
[1] Bug 26986 - *** buffer overflow detected ***: expect terminated
https://sourceware.org/bugzilla/show_bug.cgi?id=26986
[2] Expect / Bugs / #95 buffer overflow in exp_log.c
https://sourceforge.net/p/expect/bugs/95/
[3] fedora fixing the overflow in expect
https://src.fedoraproject.org/rpms/expect/blob/master/f/expect-5.45-exp-log-buf-overflow.patch
---
...005-fix-buffer-overflow-when-logging.patch | 22 +++++++++++++++++++
srcpkgs/expect/template | 2 +-
2 files changed, 23 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/expect/patches/0005-fix-buffer-overflow-when-logging.patch
diff --git a/srcpkgs/expect/patches/0005-fix-buffer-overflow-when-logging.patch b/srcpkgs/expect/patches/0005-fix-buffer-overflow-when-logging.patch
new file mode 100644
index 00000000000..cc69ab474de
--- /dev/null
+++ b/srcpkgs/expect/patches/0005-fix-buffer-overflow-when-logging.patch
@@ -0,0 +1,22 @@
+*** exp_log.c 2020-12-01 12:09:21.839702061 +0100
+--- exp_log.c.patched 2020-12-01 12:09:43.075701160 +0100
+*************** expStdoutLog TCL_VARARGS_DEF(int,arg1)
+*** 179 ****
+! (void) vsprintf(bigbuf,fmt,args);
+--- 179 ----
+! (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+*************** expErrorLog TCL_VARARGS_DEF(char *,arg1)
+*** 225 ****
+! (void) vsprintf(bigbuf,fmt,args);
+--- 225 ----
+! (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+*************** expDiagLog TCL_VARARGS_DEF(char *,arg1)
+*** 267 ****
+! (void) vsprintf(bigbuf,fmt,args);
+--- 267 ----
+! (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+*************** expPrintf TCL_VARARGS_DEF(char *,arg1)
+*** 310 ****
+! len = vsprintf(bigbuf,arg1,args);
+--- 310 ----
+! len = vsnprintf(bigbuf,sizeof(bigbuf),arg1,args);
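Review bot: The embedded exp_log.c patch is a context diff with no context lines, so its four regions are located only by the absolute line numbers 179, 225, 267 and 310, and three of them replace the identical line `(void) vsprintf(bigbuf,fmt,args);`. Once exp_log.c shifts, nothing but the line number tells those call sites apart, and the function names in the `***************` headers are not checked when the patch is applied. Regenerating it as a unified diff with surrounding context (for example with `diff -up`) would make each region self-locating and easier to review.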
diff --git a/srcpkgs/expect/template b/srcpkgs/expect/template
index 664f91cdb40..2d0bdbd4e44 100644
--- a/srcpkgs/expect/template
+++ b/srcpkgs/expect/template
@@ -1,7 +1,7 @@
# Template file for 'expect'
pkgname=expect
version=5.45.4
-revision=2
+revision=3
wrksrc=${pkgname}${version}
build_style=gnu-configure
configure_args="expect_cv_wnohang_value=1"
* Re: expect 5.45.4_3: Fix the buffer overflow while logging
From: ericonr @ 2020-12-01 13:27 UTC
To: ml
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736550743
Comment:
Would you mind using the patch directly from fedora?
Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
* Re: expect 5.45.4_3: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 13:51 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
If you think it would be better, sure!
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: expect 5.45.4_3: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 13:59 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
Fedora's patch is not readily usable:
```
=> expect-5.45.4_3: patching: 0004-cross-misc.patch.
=> expect-5.45.4_3: patching: 0005-fix-buf-overflow-when-logging.patch.
The text leading up to this was:
--------------------------
|diff -up expect5.45/exp_log.c.orig expect5.45/exp_log.c
|--- expect5.45/exp_log.c.orig 2013-12-12 12:43:38.527854189 +0100
|+++ expect5.45/exp_log.c 2013-12-12 12:49:26.866576387 +0100
--------------------------
File to patch:
Skip this patch? [y]
4 out of 4 hunks ignored
=> ERROR: expect-5.45.4_3: do-patch_00-patches: 'patch -sl ${_args} -i ${_patch} 2> /dev/null' exited with 1
=> ERROR: in _process_patch() at common/hooks/do-patch/00-patches.sh:34
=> ERROR: in hook() at common/hooks/do-patch/00-patches.sh:51
=> ERROR: in run_func() at common/xbps-src/shutils/common.sh:21
=> ERROR: in run_pkg_hooks() at common/xbps-src/shutils/common.sh:245
=> ERROR: in run_step() at common/xbps-src/shutils/common.sh:71
=> ERROR: in main() at common/xbps-src/libexec/xbps-src-dopatch.sh:33
```
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: expect 5.45.4_3: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 14:01 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: expect 5.45.4_3: Fix the buffer overflow while logging
From: ericonr @ 2020-12-01 14:08 UTC
To: ml
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736574064
Comment:
Fair enough :)
It would be nice if upstream came up with a proper fix, though.
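The trade-off discussed in the messages above (that `vsnprintf` can lose information, and that avoiding the loss means handling `bigbuf` dynamically), as an added example that is not part of the thread or of expect's code. `fmt_bounded`, `fmt_dynamic` and `BIGBUF_SIZE` are hypothetical names, and the 2000-byte size is assumed from the "offsets 2000+" remark.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: a fixed 2000-byte log buffer, taken from the "offsets 2000+" remark. */
#define BIGBUF_SIZE 2000

/* Bounded formatting: never writes past cap, reports truncation, and returns
 * the number of bytes actually stored (a safe length to hand to write(2)). */
static size_t fmt_bounded(char *dst, size_t cap, int *truncated,
                          const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(dst, cap, fmt, ap);   /* n = length the FULL output needs */
    va_end(ap);

    *truncated = 0;
    if (n < 0) {                        /* formatting error */
        if (cap) dst[0] = '\0';
        return 0;
    }
    if ((size_t)n >= cap) {             /* output did not fit */
        *truncated = 1;
        return cap ? cap - 1 : 0;       /* bytes really in dst, not n */
    }
    return (size_t)n;
}

/* Dynamic formatting: measure first, then allocate exactly what is needed,
 * so nothing is lost. Caller frees the result; returns NULL on failure. */
static char *fmt_dynamic(size_t *out_len, const char *fmt, ...)
{
    va_list ap, ap2;
    int n;
    char *buf;

    va_start(ap, fmt);
    va_copy(ap2, ap);                   /* a va_list cannot be reused after use */
    n = vsnprintf(NULL, 0, fmt, ap);    /* C99: size 0 only reports the length */
    va_end(ap);
    if (n < 0 || (buf = malloc((size_t)n + 1)) == NULL) {
        va_end(ap2);
        return NULL;
    }
    vsnprintf(buf, (size_t)n + 1, fmt, ap2);
    va_end(ap2);
    *out_len = (size_t)n;
    return buf;
}

int main(void)
{
    static char pattern[3000];          /* constructed oversized "expected string" */
    char bigbuf[BIGBUF_SIZE];
    int truncated;
    size_t stored, full;
    char *heap;

    memset(pattern, 'A', sizeof(pattern) - 1);
    stored = fmt_bounded(bigbuf, sizeof(bigbuf), &truncated,
                         "expect: \"%s\"\n", pattern);
    printf("bounded: stored=%zu truncated=%d\n", stored, truncated);
    heap = fmt_dynamic(&full, "expect: \"%s\"\n", pattern);
    if (heap) {
        printf("dynamic: stored=%zu\n", full);
        free(heap);
    }
    return 0;
}
```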
* Re: expect 5.45.4_3: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 14:12 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
```
=> expect-5.45.4_3: patching: 0004-cross-misc.patch.
=> expect-5.45.4_3: patching: 0005-fix-buf-overflow-when-logging.patch.
The text leading up to this was:
--------------------------
|diff -up expect5.45/exp_log.c.orig expect5.45/exp_log.c
|--- expect5.45/exp_log.c.orig 2013-12-12 12:43:38.527854189 +0100
|+++ expect5.45/exp_log.c 2013-12-12 12:49:26.866576387 +0100
--------------------------
File to patch:
Skip this patch? [y]
4 out of 4 hunks ignored
=> ERROR: expect-5.45.4_3: do-patch_00-patches: 'patch -sl ${_args} -i ${_patch} 2> /dev/null' exited with 1
=> ERROR: in _process_patch() at common/hooks/do-patch/00-patches.sh:34
=> ERROR: in hook() at common/hooks/do-patch/00-patches.sh:51
=> ERROR: in run_func() at common/xbps-src/shutils/common.sh:21
=> ERROR: in run_pkg_hooks() at common/xbps-src/shutils/common.sh:245
=> ERROR: in run_step() at common/xbps-src/shutils/common.sh:71
=> ERROR: in main() at common/xbps-src/libexec/xbps-src-dopatch.sh:33
```
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: expect 5.45.4_3: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 14:13 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
That patch cannot be readily used by us.
```
=> expect-5.45.4_3: patching: 0004-cross-misc.patch.
=> expect-5.45.4_3: patching: 0005-fix-buf-overflow-when-logging.patch.
The text leading up to this was:
--------------------------
|diff -up expect5.45/exp_log.c.orig expect5.45/exp_log.c
|--- expect5.45/exp_log.c.orig 2013-12-12 12:43:38.527854189 +0100
|+++ expect5.45/exp_log.c 2013-12-12 12:49:26.866576387 +0100
--------------------------
File to patch:
Skip this patch? [y]
4 out of 4 hunks ignored
=> ERROR: expect-5.45.4_3: do-patch_00-patches: 'patch -sl ${_args} -i ${_patch} 2> /dev/null' exited with 1
=> ERROR: in _process_patch() at common/hooks/do-patch/00-patches.sh:34
=> ERROR: in hook() at common/hooks/do-patch/00-patches.sh:51
=> ERROR: in run_func() at common/xbps-src/shutils/common.sh:21
=> ERROR: in run_pkg_hooks() at common/xbps-src/shutils/common.sh:245
=> ERROR: in run_step() at common/xbps-src/shutils/common.sh:71
=> ERROR: in main() at common/xbps-src/libexec/xbps-src-dopatch.sh:33
```
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: [PR PATCH] [Updated] expect 5.45.4_3: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 14:25 UTC
To: ml
There is an updated pull request by shahab-vahedi against master on the void-packages repository
https://github.com/shahab-vahedi/void-packages expect-fix
https://github.com/void-linux/void-packages/pull/26861
expect 5.45.4_3: Fix the buffer overflow while logging
There is a buffer overflow issue with "expect" when you run it
with "--debug" flag and the expected string is too big [1].
This patch was already proposed 7 years ago [2] but never found
its way upstream. Other distros also fix it locally [3]. It's
time we have it fixed in Void Linux as well.
[1] Bug 26986 - *** buffer overflow detected ***: expect terminated
https://sourceware.org/bugzilla/show_bug.cgi?id=26986
[2] Expect / Bugs / #95 buffer overflow in exp_log.c
https://sourceforge.net/p/expect/bugs/95/
[3] fedora fixing the overflow in expect
https://src.fedoraproject.org/rpms/expect/blob/master/f/expect-5.45-exp-log-buf-overflow.patch
A patch file from https://github.com/void-linux/void-packages/pull/26861.patch is attached
From d2106e46f52f959b1d812abec1ef100832245c03 Mon Sep 17 00:00:00 2001
From: Shahab Vahedi <shahab.vahedi@gmail.com>
Date: Tue, 1 Dec 2020 13:04:15 +0100
Subject: [PATCH] expect: Fix the buffer overflow while logging
There is a buffer overflow issue with "expect" when you run it
with "--debug" flag and the expected string is too big [1].
This patch was already proposed 7 years ago [2] but never found
its way upstream. Other distros also fix it locally [3]. It's
time we have it fixed in Void Linux as well.
[1] Bug 26986 - *** buffer overflow detected ***: expect terminated
https://sourceware.org/bugzilla/show_bug.cgi?id=26986
[2] Expect / Bugs / #95 buffer overflow in exp_log.c
https://sourceforge.net/p/expect/bugs/95/
[3] fedora fixing the overflow in expect
https://src.fedoraproject.org/rpms/expect/blob/master/f/expect-5.45-exp-log-buf-overflow.patch
---
.../0005-fix-buf-overflow-when-logging.patch | 39 +++++++++++++++++++
srcpkgs/expect/template | 2 +-
2 files changed, 40 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/expect/patches/0005-fix-buf-overflow-when-logging.patch
diff --git a/srcpkgs/expect/patches/0005-fix-buf-overflow-when-logging.patch b/srcpkgs/expect/patches/0005-fix-buf-overflow-when-logging.patch
new file mode 100644
index 00000000000..2f63daf1972
--- /dev/null
+++ b/srcpkgs/expect/patches/0005-fix-buf-overflow-when-logging.patch
@@ -0,0 +1,39 @@
+diff -up exp_log.c.orig exp_log.c
+--- exp_log.c.orig 2013-12-12 12:43:38.527854189 +0100
++++ exp_log.c 2013-12-12 12:49:26.866576387 +0100
+@@ -176,7 +176,7 @@ expStdoutLog TCL_VARARGS_DEF(int,arg1)
+
+ if ((!tsdPtr->logUser) && (!force_stdout) && (!tsdPtr->logAll)) return;
+
+- (void) vsprintf(bigbuf,fmt,args);
++ (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+ expDiagWriteBytes(bigbuf,-1);
+ if (tsdPtr->logAll || (LOGUSER && tsdPtr->logChannel)) Tcl_WriteChars(tsdPtr->logChannel,bigbuf,-1);
+ if (LOGUSER) fprintf(stdout,"%s",bigbuf);
+@@ -222,7 +222,7 @@ expErrorLog TCL_VARARGS_DEF(char *,arg1)
+ va_list args;
+
+ fmt = TCL_VARARGS_START(char *,arg1,args);
+- (void) vsprintf(bigbuf,fmt,args);
++ (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+
+ expDiagWriteChars(bigbuf,-1);
+ fprintf(stderr,"%s",bigbuf);
+@@ -264,7 +264,7 @@ expDiagLog TCL_VARARGS_DEF(char *,arg1)
+
+ fmt = TCL_VARARGS_START(char *,arg1,args);
+
+- (void) vsprintf(bigbuf,fmt,args);
++ (void) vsnprintf(bigbuf,sizeof(bigbuf),fmt,args);
+
+ expDiagWriteBytes(bigbuf,-1);
+ if (tsdPtr->diagToStderr) {
+@@ -307,7 +307,7 @@ expPrintf TCL_VARARGS_DEF(char *,arg1)
+ int len, rc;
+
+ fmt = TCL_VARARGS_START(char *,arg1,args);
+- len = vsprintf(bigbuf,arg1,args);
++ len = vsnprintf(bigbuf,sizeof(bigbuf),arg1,args);
+ retry:
+ rc = write(2,bigbuf,len);
+ if ((rc == -1) && (errno == EAGAIN)) goto retry;
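Review bot: In the expPrintf hunk, `len = vsnprintf(bigbuf,sizeof(bigbuf),arg1,args);` feeds `write(2,bigbuf,len)`, but on truncation vsnprintf returns the length the full output would have needed, not the number of bytes stored, so `len` can exceed `sizeof(bigbuf)` and the write then reads past the end of the buffer. Clamp it before the `retry:` label, for example `if (len >= (int)sizeof(bigbuf)) len = sizeof(bigbuf) - 1;`, and treat a negative return as an error instead of passing it to write. The three `(void) vsnprintf` calls leave `bigbuf` NUL-terminated for the string consumers that follow, but they discard the truncation signal, so a cut-off log line looks the same as a complete one; checking the return value and appending a marker would address the information-loss concern raised in this thread.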
diff --git a/srcpkgs/expect/template b/srcpkgs/expect/template
index 664f91cdb40..2d0bdbd4e44 100644
--- a/srcpkgs/expect/template
+++ b/srcpkgs/expect/template
@@ -1,7 +1,7 @@
# Template file for 'expect'
pkgname=expect
version=5.45.4
-revision=2
+revision=3
wrksrc=${pkgname}${version}
build_style=gnu-configure
configure_args="expect_cv_wnohang_value=1"
* Re: expect: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 14:37 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
Sure!
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: expect: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 15:20 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
Done!
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: expect: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 15:20 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
Done!
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: expect: Fix the buffer overflow while logging
From: shahab-vahedi @ 2020-12-01 20:16 UTC
To: ml
New comment by shahab-vahedi on void-packages repository
https://github.com/void-linux/void-packages/pull/26861#issuecomment-736564215
Comment:
> Would you mind using the patch directly from fedora?
Done!
> Also, using `vsnprintf` means you can lose information, even if it avoids the buffer overflows...
If one doesn't want to lose the data, then the `bigbuf` should be handled dynamically. That would be a more error-prone patch than this one. Given a `*** buffer overflow detected ***: expect terminated`, I think losing the data at offsets _2000+_ should be OK.
* Re: [PR PATCH] [Merged]: expect: Fix the buffer overflow while logging
From: ericonr @ 2020-12-01 20:55 UTC
To: ml
There's a merged pull request on the void-packages repository
expect: Fix the buffer overflow while logging
https://github.com/void-linux/void-packages/pull/26861
Description:
There is a buffer overflow issue with "expect" when you run it
with "--debug" flag and the expected string is too big [1].
This patch was already proposed 7 years ago [2] but never found
its way upstream. Other distros also fix it locally [3]. It's
time we have it fixed in Void Linux as well.
[1] Bug 26986 - *** buffer overflow detected ***: expect terminated
https://sourceware.org/bugzilla/show_bug.cgi?id=26986
[2] Expect / Bugs / #95 buffer overflow in exp_log.c
https://sourceforge.net/p/expect/bugs/95/
[3] fedora fixing the overflow in expect
https://src.fedoraproject.org/rpms/expect/blob/master/f/expect-5.45-exp-log-buf-overflow.patch