Bug 130145

Summary: Buffer overflow in "cal"
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Sid Boyce <sboyce>
Component: BasesystemAssignee: Mads Martin Joergensen <mmj>
Status: RESOLVED INVALID QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: Final   
Target Milestone: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Found By: Customer Services Priority: 0004
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: I reported the wrong fix

Description Sid Boyce 2005-10-22 11:14:54 UTC 
cal command from util-linux-2.12q package.
# cal 2006
Libsafe version 2.0.16
Detected an attempt to write across stack boundary.
Terminating /usr/bin/cal.
    uid=0  euid=0  pid=3305
Call stack:
    0x40019945  /lib/libsafe.so.2.0.16
    0x4001ad60  /lib/libsafe.so.2.0.16
    0x804a08c   /usr/bin/cal
    0x804a363   /usr/bin/cal
    0x400b4e9b  /lib/tls/libc-2.3.5.so
Overflow caused by wcscat()
Killed
Comment 1 Sid Boyce 2005-10-22 11:17:46 UTC 
"cal" from util-linux-2.12q fixes the buffer overflow.
Comment 2 Mads Martin Joergensen 2005-10-22 16:02:25 UTC 
SUSE LINUX 10.0 has util-linux-2.12q
Comment 3 Sid Boyce 2005-10-22 19:00:23 UTC 
Created attachment 55159 [details]
I reported the wrong fix

My mistake, the bug is actually fixed with cal from util-linux-2.12r