[apparmor] [Bug 781961] Re: Format string bugs in apparmor-utils
Kees Cook
kees at ubuntu.com
Fri May 13 09:04:13 UTC 2011
** Also affects: apparmor
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
** Changed in: apparmor
Status: New => Confirmed
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/781961
Title:
Format string bugs in apparmor-utils
Status in AppArmor Linux application security framework:
Confirmed
Status in “apparmor” package in Ubuntu:
Confirmed
Bug description:
Binary package hint: apparmor-utils
/usr/sbin/audit and /usr/sbin/autodep and /usr/sbin/enforce have
format string bugs .
test case :
emanuel at emanuel-desktop:/tmp$ /usr/sbin/audit "/tmp/%n"
Modification of a read-only value attempted at /usr/sbin/audit line 122.
emanuel at emanuel-desktop:/tmp$ /usr/sbin/autodep "/tmp/%n"
Modification of a read-only value attempted at /usr/sbin/autodep line 112.
emanuel at emanuel-desktop:/tmp$ /usr/sbin/enforce "/tmp/%9999999999999s"
Integer overflow in format string for sprintf at /usr/sbin/enforce line 132.
the bug can be found at :
UI_Info(sprintf(gettext('%s does not exist, please double-check the path.') . $profiling));
fix : (like in /usr/sbin/complain)
UI_Info(sprintf(gettext('%s does not exist, please double-check the path.'), $profiling));
More information about the AppArmor
mailing list