FS#28407 : [tftp-hpa] tftp cannot retrieve files

FS#28407 - [tftp-hpa] tftp cannot retrieve files - buffer overflow

Attached to Project: Arch Linux
Opened by Jonathan Frazier (wide-eye) - Monday, 13 February 2012, 21:16 GMT
Last edited by Dave Reisner (falconindy) - Tuesday, 14 February 2012, 01:51 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Jonathan Frazier (wide-eye) (2012-02-13)
Private	No

Details

tftp cannot retrieve files. stack protection kills it due to a buffer overflow.

attached is a gdb log with the stack protection trace and a backtrace using a debug package.

steps to reproduce:
echo foo > /var/tftpboot/foo
/etc/rc.d/tftpd start
tftp localhost -c get foo

fedora has a patch which fixes it for me:
http://pkgs.fedoraproject.org/gitweb/?p=tftp.git;a=blob_plain;f=tftp-hpa-0.49-fortify-strcpy-crash.patch;hb=HEAD

log (6.1 KiB)

This task depends upon

Closed by Dave Reisner (falconindy)
Tuesday, 14 February 2012, 01:51 GMT
Reason for closing: Duplicate
Additional comments about closing: ~~FS#28103~~

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#28407 - [tftp-hpa] tftp cannot retrieve files - buffer overflow

Details

Loading...