Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vulnerability in attach/create database when filename exceeds MAX_PATH_LEN [CORE1405] #1823

Closed
firebird-automations opened this issue Aug 6, 2007 · 8 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: @AlexPeshkoff

Vulnerability was reported in admins list. In yValve create/attach calls still have fixed size buffers of MaxPathLen for database name, without checks for buffer size. In HEAD bug was fixed during regular cleanup.

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

Fix was commited at the 1 of August 2007 as fix for unregistered bug.
Item added according to Dmitry's request.

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

Workflow: jira [ 12760 ] => Firebird [ 13903 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

Fix Version: 1.5.5 [ 10220 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

security: Developers [ 10012 ] =>

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

QA Status: No test

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: No test => Not enough information

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment