On 1999-08-16 09:51:58 +0800, David Luyer wrote:
> The tool mentioned in this has a couple of show-stopper bugs

Yes, there is also a buffer overflow in job.c (See attached patch). I
wonder how they could run this program for a month. Maybe they posted a
bug-ridden version to make it a little bit more difficult for the script
kiddies?

        hp

--
   _  | Peter J. Holzer             | Nobody should ever have to be
|_|_) | Sysadmin WSR / Obmann LUGA  | ashamed if they have a secret love
| |   | [EMAIL PROTECTED]               | for writing computer programs that
__/   | http://wsrx.wsr.ac.at/~hjp/ | actually work.  -- Donald E. Knuth
diff -u orig/bass-1.0.7/job.c bass-1.0.7/job.c
--- orig/bass-1.0.7/job.c       Sun Aug  8 21:43:51 1999
+++ bass-1.0.7/job.c    Sun Aug 15 16:51:59 1999
@@ -48,7 +48,7 @@
   jobcontrol->alloc += slots + 64;
   jobcontrol->pids = (int *) xrealloc(jobcontrol->pids,
                                      jobcontrol->alloc * sizeof(int));
-  for(i = jobcontrol->alloc-slots-64; i<jobcontrol->alloc+slots+64; i++)
+  for(i = jobcontrol->alloc-slots-64; i<jobcontrol->alloc; i++)
    jobcontrol->pids[i] = JOB_FREE_SLOT;
  }

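Review bot: The lower bound of the loop still reconstructs the old array size as jobcontrol->alloc-slots-64, which has to stay in sync by hand with the "jobcontrol->alloc += slots + 64" three lines up; saving the old value of jobcontrol->alloc in a local before the increment and looping from that local to jobcontrol->alloc would make both bounds obviously correct and avoid a repeat of this bug. The corrected upper bound i<jobcontrol->alloc matches the size passed to xrealloc (jobcontrol->alloc * sizeof(int)), whereas the removed line wrote JOB_FREE_SLOT into slots+64 ints past the end of that allocation. A short comment above the loop saying that only the newly added slots are being initialised would also help. Separately, the multiplication jobcontrol->alloc * sizeof(int) is unchecked in the visible lines; if slots can be large, it is worth confirming elsewhere in job.c that it cannot overflow.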