netbsd-bugs: Re: bin/36997: ping doesn't verify limits

Subject: Re: bin/36997: ping doesn't verify limits
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org, zafer@aydogan.de>
From: David Laight <david@l8s.co.uk>
List: netbsd-bugs
Date: 09/17/2007 20:20:06

The following reply was made to PR bin/36997; it has been noted by GNATS.

From: David Laight <david@l8s.co.uk>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: bin/36997: ping doesn't verify limits
Date: Mon, 17 Sep 2007 21:17:22 +0100

 On Mon, Sep 17, 2007 at 10:15:00AM +0000, zafer@aydogan.de wrote:
 > >Number:         36997
 > >Category:       bin
 > >Synopsis:       ping doesn't verify limits
 ...
 > I think I found a bug in ping.
 > 
 > When playing around with ping, I noticed that there is no sufficient
 > verification for limits for the options -i, -l and -w.
 ...

 There is a general statement in the SUS that command line utilities are
 not required to perform numeric overflow tests on command line arguments.
 There is probably a proviso that the erronous values don't have any
 nasty side effects (eg buffer overruns).

 Whether this should apply to ping is another matter.

 	David

 -- 
 David Laight: david@l8s.co.uk