Bugtraq mailing list archives

Re: poc zlib sploit just for fun :)


From: "Ralf S. Engelschall" <rse () engelschall com>
Date: Thu, 27 Feb 2003 15:41:49 +0100


In article <200302241751.25591.kelledin+BTQ () skarpsey dyndns org> you wrote:

[...]
Attached below is a patch RK and I whipped up yesterday, after I 
caught wind of this problem sometime in the afternoon.
[...]

Thanks for your efforts. We've reviewed your patch for inclusion into
our OpenPKG "zlib" package and discovered that your configure checks are
not quite correct. For instance, you're incorrectly putting a va_list
variable into a snprintf call in one check, etc. Additionally we've
stripped down the size of the patch to gzio.c (you re-formatted existing
code, etc). See http://cvs.openpkg.org/openpkg-src/zlib/zlib.patch for
our derived version of your patch in case you're interested.

                                       Ralf S. Engelschall
                                       rse () engelschall com
                                       www.engelschall.com
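
The va_list point raised in the message above, as an added example that is not part of the original message, the posted patch, or the OpenPKG version: a va_list has to be forwarded to vsnprintf, not snprintf, and a build-time probe can verify that the bounded call behaves as expected. The names bounded_format and probe_vsnprintf are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from zlib or the OpenPKG patch): format into a
 * fixed buffer and report truncation instead of overflowing. */
static int bounded_format(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (buf == NULL || size == 0)
        return -1;
    va_start(ap, fmt);
    /* A va_list must go to the v* variant. snprintf(buf, size, fmt, ap)
     * also compiles, but the conversions in fmt would then read the
     * va_list object itself as their argument (undefined behaviour). */
    n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= size) {
        buf[size - 1] = '\0';   /* pre-C99 libcs may not terminate */
        return -1;              /* output did not fit */
    }
    return n;
}

/* What a configure-style probe can check: output that fits reports its
 * length, oversized output is detected, and the buffer stays terminated. */
static int probe_vsnprintf(void)
{
    char small[4];
    int fits = bounded_format(small, sizeof small, "%s", "abc") == 3;
    int trunc = bounded_format(small, sizeof small, "%s", "abcdef") == -1;
    return fits && trunc && strcmp(small, "abc") == 0;
}

int main(void)
{
    printf("probe: %s\n", probe_vsnprintf() ? "ok" : "failed");
    return 0;
}
```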

