Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #11406
| Path | csiph.com!xmission!news.glorb.com!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Eduardo A. Bustamante López <dualbus@gmail.com> |
| Newsgroups | gnu.bash.bug |
| Subject | Re: Integer Overflow in braces |
| Date | Thu, 20 Aug 2015 22:00:56 -0500 |
| Lines | 17 |
| Approved | bug-bash@gnu.org |
| Message-ID | <mailman.51.1440126064.31004.bug-bash@gnu.org> (permalink) |
| References | <CABq52TYThGj9OtBn3xTti5scmA=WdnS7ULw3G6GMayPK6WR0+w@mail.gmail.com> <5768562.ErHXazUaoC@smorgbox> <20150818130433.GF4309@eeg.ccf.org> <1558903.maOEY5AuEr@smorgbox> <55D34338.9000502@case.edu> |
| NNTP-Posting-Host | lists.gnu.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=us-ascii |
| X-Trace | usenet.stanford.edu 1440126064 32658 208.118.235.17 (21 Aug 2015 03:01:04 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | Dan Douglas <ormaaj@gmail.com>, bug-bash@gnu.org, Greg Wooledge <wooledg@eeg.ccf.org>, Pasha K <pashakravtsov@gmail.com> |
| To | Chet Ramey <chet.ramey@case.edu> |
| Envelope-to | bug-bash@gnu.org |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=xzcOd03hzKuKP36ecoZM/3gB1fh7idAH+WdwCv8ykxM=; b=rms4+0lozSod4zmk33NHtoQTigQ8KNFbQF3fvCHCilE80RXrA8YYz5UZHOtYJRxXgb +M6We8n14XQ3i/TEDxwp9Dk+BwrwRbeN0ckD0fbmmueWajQMs3c/Og1hXGCBuAeLUiPz qca5jm/5HNBAQ8fVwN5WHgTGfKTVA0Fx2Hb4PSDfun7j355oPixmOkjD3Ga1Z0pywAQp 00lLSd1mD+8OM2ml3nFcu60umZF4eQi5eckKEg3SvdSjnBnUHAyCgqatwbRN4/ZOqOxP vcUqP1NzdMjVLeJ0X1Pw1DW1aibvFzPKqxgOZu6JT3JdfgTgOqt3WoO6HM53xnmGd9Nv Z0aw== |
| X-Received | by 10.66.140.8 with SMTP id rc8mr12832964pab.34.1440126056911; Thu, 20 Aug 2015 20:00:56 -0700 (PDT) |
| Mail-Followup-To | Chet Ramey <chet.ramey@case.edu>, Dan Douglas <ormaaj@gmail.com>, bug-bash@gnu.org, Greg Wooledge <wooledg@eeg.ccf.org>, Pasha K <pashakravtsov@gmail.com> |
| Content-Disposition | inline |
| In-Reply-To | <55D34338.9000502@case.edu> |
| User-Agent | Mutt/1.5.23 (2014-03-12) |
| X-detected-operating-system | by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). |
| X-Received-From | 2607:f8b0:400e:c03::22f |
| X-BeenThere | bug-bash@gnu.org |
| X-Mailman-Version | 2.1.14 |
| Precedence | list |
| List-Id | Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org> |
| List-Unsubscribe | <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe> |
| List-Archive | <http://lists.gnu.org/archive/html/bug-bash> |
| List-Post | <mailto:bug-bash@gnu.org> |
| List-Help | <mailto:bug-bash-request@gnu.org?subject=help> |
| List-Subscribe | <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe> |
| Xref | csiph.com gnu.bash.bug:11406 |
Show key headers only | View raw
Just FYI, if this were really a critical security issue, this is not how you should disclose it: https://www.reddit.com/r/netsec/comments/3h997d/bash_integer_overflow/ You have to first contact the maintainer in private, make sure the issue is acknowleged, fixed, and that the fix is available to most Bash users *before* disclosing anything. This just strikes me as a way to make yourself publicity. If you really want to help to fix Bash, instead of just complaining about some odd looking comments, provide patches... -- Eduardo Bustamante https://dualbus.me/
Back to gnu.bash.bug | Previous | Next | Find similar
Re: Integer Overflow in braces Eduardo A. Bustamante López <dualbus@gmail.com> - 2015-08-20 22:00 -0500
csiph-web