Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Can anyone verify a core dump on /sbin/mingetty

From: David Klann <dklann () berbee com>
Date: Mon, 03 Dec 2001 14:20:38 -0600
Scott,

A (slightly altered) Mandrake 8.0 produces no core file on segmentation violation. Details below.

 -David

  --------------------------------
% uname -a
Linux foo.fake.com 2.4.5 #17 Sun Oct 14 14:37:44 CDT 2001 i686 unknown

% cat /etc/redhat-release
Linux Mandrake release 8.0 (Traktopel) for i586

% ls -l /sbin/mingetty
-rwxr-xr-x    1 root     root         8444 Sep  5  2000 /sbin/mingetty

% ldd /sbin/mingetty
        libc.so.6 => /lib/libc.so.6 (0x40023000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

% md5sum /sbin/mingetty
431588ae133aab9534b044ddf4e066da  /sbin/mingetty

% rpm -qf /sbin/mingetty
mingetty-0.9.4-14mdk

% rpm -qi mingetty-0.9.4-14mdk
Name        : mingetty                Relocations: (not relocateable)
Version     : 0.9.4                        Vendor: MandrakeSoft
Release     : 14mdk                    Build Date: Tue 05 Sep 2000 04:56:59 AM CDT
Install date: Fri 07 Sep 2001 04:31:49 PM CDT      Build Host: ke.mandrakesoft.com
Group       : System/Base                   Source RPM: mingetty-0.9.4-14mdk.src.rpm
Size        : 35137                            License: GPL
Packager    : Etienne Faure <etienne () mandrakesoft com>
Summary     : A compact getty program for virtual consoles only.
Description :
The mingetty program is a lightweight, minimalist getty program for
use only on virtual consoles.  Mingetty is not suitable for serial
lines (you should use the mgetty program instead for that purpose).

% ls -ld
drwx------   51 foo   foo       2800 Dec  3 14:12 .

% /sbin/mingetty `perl -e 'print "A"x9000'`
zsh: 4001 segmentation fault  /sbin/mingetty `perl -e 'print "A"x9000'`
Previous By Date Next
Previous By Thread Next

Current thread: