Bug#924792: pidof: unsanitized user input makes pidof crash
Jesse Smith
jsmith at resonatingmedia.com
Sun Mar 17 18:56:47 GMT 2019
This is a good find and I see two fairly straightforward ways to deal
with the bug:
1. We can drop the new -f flag. This is a little inconvenient for some
users, but immediately plugs the hole.
2. We can write our own print function that will not crash or give weird
behaviour the way printf() does. Right now I'm leaning toward the latter
option. It's a little more work, but probably a nicer fix for everyone
in the long run.
- Jesse
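
Option 2 above, sketched as an added example (not code from sysvinit or from this message): a restricted formatter that never hands user-supplied text to printf() as a format string. It assumes the -f template uses %d for the PID; the name format_pid and the sample templates are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Added example: expand a user-supplied template without calling printf()
 * on it. Only "%d" (the PID) and "%%" are interpreted; every other
 * sequence is copied through as literal text. Returns the length written,
 * or -1 if the output buffer is too small. */
int format_pid(char *out, size_t outsz, const char *tmpl, long pid)
{
    size_t used = 0;

    if (outsz == 0)
        return -1;
    for (const char *p = tmpl; *p != '\0'; p++) {
        char num[32];
        const char *piece = p;
        size_t len = 1;

        if (p[0] == '%' && p[1] == 'd') {
            /* The format string here is a constant, never user input. */
            len = (size_t)snprintf(num, sizeof num, "%ld", pid);
            piece = num;
            p++;
        } else if (p[0] == '%' && p[1] == '%') {
            p++;            /* "%%" collapses to one literal '%' */
        }
        if (len >= outsz - used)
            return -1;      /* refuse to truncate silently */
        memcpy(out + used, piece, len);
        used += len;
    }
    out[used] = '\0';
    return (int)used;
}

int main(void)
{
    char buf[64];
    /* Constructed inputs: a benign template and two with stray conversions. */
    const char *samples[] = { "-p%d ", "%s%n%d", "100%% %d" };

    for (size_t i = 0; i < 3; i++)
        if (format_pid(buf, sizeof buf, samples[i], 1234) >= 0)
            printf("[%s] -> [%s]\n", samples[i], buf);
    return 0;
}
```

Conversions such as %s or %n come out as literal text because the template is only ever copied, never interpreted by the C library.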