[krbdev.mit.edu #8661] ksu segfaults when argc == 0

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[krbdev.mit.edu #8661] ksu segfaults when argc == 0

Jeffrey Arbuckle via RT
I think just about all of the programs in the krb5 source tree will seg
fault when argc is 0, and I'm generally not concerned about that.  It
might make sense for ksu to be careful because it's setuid, although I
don't think getting a setuid program to perform a null dereference
constitutes a vulnerability (I don't think operating systems allow
setuid programs to dump core, for instance).
_______________________________________________
krb5-bugs mailing list
[hidden email]
https://mailman.mit.edu/mailman/listinfo/krb5-bugs