130145 – Buffer overflow in "cal"

Bug 130145 - Buffer overflow in "cal"

Summary: Buffer overflow in "cal"

Status:	RESOLVED INVALID

Alias:	None

Product:	SUSE LINUX 10.0
Classification:	openSUSE
Component:	Basesystem (show other bugs)
Version:	Final
Hardware:	i386 Linux

Priority:	P5 - None Severity: Normal
Target Milestone:	---
Assignee:	Mads Martin Joergensen
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2005-10-22 11:14 UTC by Sid Boyce
Modified:	2005-10-22 19:00 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Customer
Services Priority:	0004
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
I reported the wrong fix (13.07 KB, text/plain) 2005-10-22 19:00 UTC, Sid Boyce	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sid Boyce 2005-10-22 11:14:54 UTC

cal command from util-linux-2.12q package.
# cal 2006
Libsafe version 2.0.16
Detected an attempt to write across stack boundary.
Terminating /usr/bin/cal.
    uid=0  euid=0  pid=3305
Call stack:
    0x40019945  /lib/libsafe.so.2.0.16
    0x4001ad60  /lib/libsafe.so.2.0.16
    0x804a08c   /usr/bin/cal
    0x804a363   /usr/bin/cal
    0x400b4e9b  /lib/tls/libc-2.3.5.so
Overflow caused by wcscat()
Killed

Comment 1 Sid Boyce 2005-10-22 11:17:46 UTC

"cal" from util-linux-2.12q fixes the buffer overflow.

Comment 2 Mads Martin Joergensen 2005-10-22 16:02:25 UTC

SUSE LINUX 10.0 has util-linux-2.12q

Comment 3 Sid Boyce 2005-10-22 19:00:23 UTC

Created attachment 55159 [details]
I reported the wrong fix

My mistake, the bug is actually fixed with cal from util-linux-2.12r