Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps N-Z :: qcamovfl.txt

Qcam Overflows





Date: Mon, 20 Apr 1998 14:14:35 -0400
From: bst@INAME.COM
To: BUGTRAQ@NETSPACE.ORG

More Sunsite buggy soft:

   - ftp://sunsite.unc.edu/pub/Linux/apps/video/qcam-0.7c-5.tar.gz
   - ftp://sunsite.unc.edu/pub/Linux/apps/video/sqcam-0.1.tar.gz

We can see their Makefiles:
install:: all
        install -s -m 4755 -o root sqcam $(BINPATH)

and

install:: all
        install -s -m 4755 -o root qcam $(BINPATH)
        install -s -m 4755 -o root xqcam $(BINPATH)

then in the .c's:

     [...]
     sprintf(lockfile,"/tmp/LOCK.qcam.0x%x",q->port);
     if (-1 == (q->fd = open(lockfile, O_WRONLY | O_CREAT, 0666)))
     [...]

 Nothing to say here...

     [...]
     if (f == NULL) {
       sprintf(buf, "Cannot open configuration file %s!", file);
       perror(buf);
       return 1;
  }
  /* Where _file_ is a command line option */

 Nothing to say here neither...

Btw: Nothing to say ;)
Date: Mon, 20 Apr 1998 20:50:06 +0100
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
To: BUGTRAQ@NETSPACE.ORG
Subject: Qcam : Actually seems to be generic libqcam bug

> More Sunsite buggy soft:
>
>    - ftp://sunsite.unc.edu/pub/Linux/apps/video/qcam-0.7c-5.tar.gz
>    - ftp://sunsite.unc.edu/pub/Linux/apps/video/sqcam-0.1.tar.gz

This extends throughout every libqcam based application I've looked at
so far including the SANE-0.67 scanner package, which is often installed setuid
for 'safe' setuid targets like generic scsi.

None of them open the lock file safely.

Alan



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH