Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Buffer overflow in Main.c #12

Closed
prodigysml opened this issue Mar 6, 2018 · 2 comments
Closed

Buffer overflow in Main.c #12

prodigysml opened this issue Mar 6, 2018 · 2 comments
Labels
bug

Comments

@prodigysml
Copy link

A buffer overflow was detected in Main.c. The local_buffer variable takes the value of argv[4] without any bounds checking which causes the issue.

The assignment of the user-controlled variable is given below:

cadius/Src/Main.c

Line 897 in a9dd04a

strcpy(local_buffer,argv[4]);

A screenshot of the crash is given below:
image
@mach-kernel
Copy link
Owner

Hi @prodigysml, thanks for the bug report. I'll plug this into my next batch of fixes. I must say that I am surprised to see someone using this tool in this manner.

Thanks!

@mach-kernel mach-kernel added the bug label Mar 6, 2018
@mach-kernel mach-kernel mentioned this issue Mar 15, 2018
Merged
4 tasks
@mach-kernel
Copy link
Owner 

$ ./cadius CREATEVOLUME abc abc `python2 -c 'print "A" * 296 + "BBBBBB"'`                                                                                                             2.4.0
./cadius v 1.3.1, (c) Brutal Deluxe 2011-2013.
  Error: Argument too long!

This is fixed and will ship with #13. I feel that this is kind of contrived, but at the very least it may prevent someone from potentially messing up their local disk images. 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mach-kernel @prodigysml