Re: [External] Re: lib/54117 (Buffer overflow in editline filename completion)

To: christos%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost, paavo.helde%perkinelmer.com@localhost
Subject: Re: [External] Re: lib/54117 (Buffer overflow in editline filename completion)
From: Christos Zoulas <christos%zoulas.com@localhost>
Date: Mon, 15 Apr 2019 12:40:02 +0000 (UTC)
The following reply was made to PR lib/54117; it has been noted by GNATS.

From: Christos Zoulas <christos%zoulas.com@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: christos%netbsd.org@localhost,
 gnats-admin%netbsd.org@localhost,
 netbsd-bugs%netbsd.org@localhost,
 paavo.helde%perkinelmer.com@localhost
Subject: Re: [External] Re: lib/54117 (Buffer overflow in editline filename
 completion)
Date: Mon, 15 Apr 2019 08:36:18 -0400

 --Apple-Mail=_5F778E2D-3B8B-4915-9ACF-04920F30AE1C
 Content-Transfer-Encoding: quoted-printable
 Content-Type: text/plain;
 	charset=us-ascii
 
 The best way is to file PR's using the NetBSD send-pr system. You can =
 use the command line script on NetBSD or
 http://www.netbsd.org/cgi-bin/sendpr.cgi?gndb=3Dnetbsd =
 <http://www.netbsd.org/cgi-bin/sendpr.cgi?gndb=3Dnetbsd>
 
 Best Regards,
 
 
 christos
 
 > On Apr 15, 2019, at 5:50 AM, Helde, Paavo =
 <Paavo.Helde%PERKINELMER.COM@localhost> wrote:
 >=20
 > The following reply was made to PR lib/54117; it has been noted by =
 GNATS.
 >=20
 > From: "Helde, Paavo" <Paavo.Helde%PERKINELMER.COM@localhost>
 > To: "gnats-bugs%netbsd.org@localhost" <gnats-bugs%netbsd.org@localhost>,
 >        "christos%netbsd.org@localhost"
 > 	<christos%netbsd.org@localhost>,
 >        "netbsd-bugs%netbsd.org@localhost" <netbsd-bugs%netbsd.org@localhost>,
 >        "gnats-admin%netbsd.org@localhost" <gnats-admin%netbsd.org@localhost>
 > Cc:=20
 > Subject: RE: [External] Re: lib/54117 (Buffer overflow in editline =
 filename
 > completion)
 > Date: Mon, 15 Apr 2019 08:06:51 +0000
 >=20
 > Yes, I can confirm the fix seems to cure the memory overrun issue.
 >=20
 > PS. We are using the port =
 https://www.thrysoee.dk/editline/libedit-20190324=3D
 > -3.1.tar.gz and we saw several issues with it, like the history =
 subsystem n=3D
 > ot configurable and our custom ^@ binding regularly overwritten. The =
 port i=3D
 > s some weeks old, maybe some problems are fixed already, maybe some =
 are spe=3D
 > cific to the port and maybe some are the artefacts of our potentially =
 inade=3D
 > quate attempts to enforce the library to behave as needed for us. In =
 short,=3D
 >  would it make it sense for me to try to report some of those issues =
 and if=3D
 >  so, in what form?
 >=20
 > Regards
 > Paavo
 >=20
 >=20
 >=20
 > -----Original Message-----
 > From: abhinav%NetBSD.org@localhost <abhinav%NetBSD.org@localhost>=3D20
 > Sent: Friday, April 12, 2019 6:20 PM
 > To: christos%netbsd.org@localhost; netbsd-bugs%netbsd.org@localhost; =
 gnats-admin%netbsd.org@localhost; ab=3D
 > hinav%NetBSD.org@localhost; Helde, Paavo <Paavo.Helde%PERKINELMER.COM@localhost>
 > Subject: [External] Re: lib/54117 (Buffer overflow in editline =
 filename com=3D
 > pletion)
 >=20
 >=20
 > Use caution when opening links or attachments.
 >=20
 > Synopsis: Buffer overflow in editline filename completion
 >=20
 > State-Changed-From-To: open->feedback
 > State-Changed-By: abhinav%NetBSD.org@localhost
 > State-Changed-When: Fri, 12 Apr 2019 15:19:41 +0000
 > State-Changed-Why:
 > Christos committed the fix suggested by you, could you verify it?
 >=20
 >=20
 >=20
 
 
 --Apple-Mail=_5F778E2D-3B8B-4915-9ACF-04920F30AE1C
 Content-Transfer-Encoding: quoted-printable
 Content-Type: text/html;
 	charset=us-ascii
 
 <html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
 charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
 -webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">The =
 best way is to file PR's using the NetBSD send-pr system. You can use =
 the command line script on NetBSD or<div class=3D""><a =
 href=3D"http://www.netbsd.org/cgi-bin/sendpr.cgi?gndb=3Dnetbsd"; =
 class=3D"">http://www.netbsd.org/cgi-bin/sendpr.cgi?gndb=3Dnetbsd</a></div=
 ><div class=3D""><br class=3D""></div><div class=3D"">Best =
 Regards,</div><div class=3D""><br class=3D""></div><div class=3D""><br =
 class=3D""></div><div class=3D"">christos<br class=3D""><div><br =
 class=3D""><blockquote type=3D"cite" class=3D""><div class=3D"">On Apr =
 15, 2019, at 5:50 AM, Helde, Paavo &lt;<a =
 href=3D"mailto:Paavo.Helde%PERKINELMER.COM@localhost"; =
 class=3D"">Paavo.Helde%PERKINELMER.COM@localhost</a>&gt; wrote:</div><br =
 class=3D"Apple-interchange-newline"><div class=3D""><div class=3D"">The =
 following reply was made to PR lib/54117; it has been noted by GNATS.<br =
 class=3D""><br class=3D"">From: "Helde, Paavo" &lt;<a =
 href=3D"mailto:Paavo.Helde%PERKINELMER.COM@localhost"; =
 class=3D"">Paavo.Helde%PERKINELMER.COM@localhost</a>&gt;<br class=3D"">To: "<a =
 href=3D"mailto:gnats-bugs%netbsd.org@localhost"; =
 class=3D"">gnats-bugs%netbsd.org@localhost</a>" &lt;<a =
 href=3D"mailto:gnats-bugs%netbsd.org@localhost"; =
 class=3D"">gnats-bugs%netbsd.org@localhost</a>&gt;,<br class=3D""> =
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"<a =
 href=3D"mailto:christos%netbsd.org@localhost"; class=3D"">christos%netbsd.org@localhost</a>"<br=
  class=3D""><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
 </span>&lt;<a href=3D"mailto:christos%netbsd.org@localhost"; =
 class=3D"">christos%netbsd.org@localhost</a>&gt;,<br class=3D""> =
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"<a =
 href=3D"mailto:netbsd-bugs%netbsd.org@localhost"; =
 class=3D"">netbsd-bugs%netbsd.org@localhost</a>" &lt;<a =
 href=3D"mailto:netbsd-bugs%netbsd.org@localhost"; =
 class=3D"">netbsd-bugs%netbsd.org@localhost</a>&gt;,<br class=3D""> =
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"<a =
 href=3D"mailto:gnats-admin%netbsd.org@localhost"; =
 class=3D"">gnats-admin%netbsd.org@localhost</a>" &lt;<a =
 href=3D"mailto:gnats-admin%netbsd.org@localhost"; =
 class=3D"">gnats-admin%netbsd.org@localhost</a>&gt;<br class=3D"">Cc: <br =
 class=3D"">Subject: RE: [External] Re: lib/54117 (Buffer overflow in =
 editline filename<br class=3D""> completion)<br class=3D"">Date: Mon, 15 =
 Apr 2019 08:06:51 +0000<br class=3D""><br class=3D""> Yes, I can confirm =
 the fix seems to cure the memory overrun issue.<br class=3D""><br =
 class=3D""> PS. We are using the port <a =
 href=3D"https://www.thrysoee.dk/editline/libedit-20190324=3D"; =
 class=3D"">https://www.thrysoee.dk/editline/libedit-20190324=3D</a><br =
 class=3D""> -3.1.tar.gz and we saw several issues with it, like the =
 history subsystem n=3D<br class=3D""> ot configurable and our custom ^@ =
 binding regularly overwritten. The port i=3D<br class=3D""> s some weeks =
 old, maybe some problems are fixed already, maybe some are spe=3D<br =
 class=3D""> cific to the port and maybe some are the artefacts of our =
 potentially inade=3D<br class=3D""> quate attempts to enforce the =
 library to behave as needed for us. In short,=3D<br class=3D""> =
 &nbsp;would it make it sense for me to try to report some of those =
 issues and if=3D<br class=3D""> &nbsp;so, in what form?<br class=3D""><br =
 class=3D""> Regards<br class=3D""> Paavo<br class=3D""><br class=3D""><br =
 class=3D""><br class=3D""> -----Original Message-----<br class=3D""> =
 From: <a href=3D"mailto:abhinav%NetBSD.org@localhost"; =
 class=3D"">abhinav%NetBSD.org@localhost</a> &lt;<a =
 href=3D"mailto:abhinav%NetBSD.org@localhost"; =
 class=3D"">abhinav%NetBSD.org@localhost</a>&gt;=3D20<br class=3D""> Sent: Friday, =
 April 12, 2019 6:20 PM<br class=3D""> To: <a =
 href=3D"mailto:christos%netbsd.org@localhost"; class=3D"">christos%netbsd.org@localhost</a>; =
 <a href=3D"mailto:netbsd-bugs%netbsd.org@localhost"; =
 class=3D"">netbsd-bugs%netbsd.org@localhost</a>; <a =
 href=3D"mailto:gnats-admin%netbsd.org@localhost"; =
 class=3D"">gnats-admin%netbsd.org@localhost</a>; ab=3D<br class=3D""> <a =
 href=3D"mailto:hinav%NetBSD.org@localhost"; class=3D"">hinav%NetBSD.org@localhost</a>; Helde, =
 Paavo &lt;<a href=3D"mailto:Paavo.Helde%PERKINELMER.COM@localhost"; =
 class=3D"">Paavo.Helde%PERKINELMER.COM@localhost</a>&gt;<br class=3D""> Subject: =
 [External] Re: lib/54117 (Buffer overflow in editline filename com=3D<br =
 class=3D""> pletion)<br class=3D""><br class=3D""><br class=3D""> Use =
 caution when opening links or attachments.<br class=3D""><br class=3D""> =
 Synopsis: Buffer overflow in editline filename completion<br =
 class=3D""><br class=3D""> State-Changed-From-To: open-&gt;feedback<br =
 class=3D""> State-Changed-By: <a href=3D"mailto:abhinav%NetBSD.org@localhost"; =
 class=3D"">abhinav%NetBSD.org@localhost</a><br class=3D""> State-Changed-When: =
 Fri, 12 Apr 2019 15:19:41 +0000<br class=3D""> State-Changed-Why:<br =
 class=3D""> Christos committed the fix suggested by you, could you =
 verify it?<br class=3D""><br class=3D""><br class=3D""><br =
 class=3D""></div></div></blockquote></div><br =
 class=3D""></div></body></html>=
 
 --Apple-Mail=_5F778E2D-3B8B-4915-9ACF-04920F30AE1C--
Prev by Date: Re: [External] Re: lib/54117 (Buffer overflow in editline filename completion)
Next by Date: Re: kern/54111: t_ptrace_wait* hangs and kills test runs
Previous by Thread: Re: [External] Re: lib/54117 (Buffer overflow in editline filename completion)
Indexes:
Home | Main Index | Thread Index | Old Index