Bug#924792: pidof: unsanitized user input makes pidof crash

Ian Campbell ijc at debian.org
Mon Mar 18 08:28:59 GMT 2019

On Sun, 2019-03-17 at 19:06 +0100, Matteo Croce wrote:
> #571590 added the '-f' argument to pidof, which allows to specify an
> arbitrary format string for the PIDs.
> Unfortunately this is broken, because passing plain user input to
> printf() can easily exploited:

What's the attack vector here (making this an exploit rather than
"just" a bug)?

Wouldn't you need to have some process which was passing untrusted data
directly to the `-f` argument, is that likely in the real world?


More information about the Debian-init-diversity mailing list