If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

CVE-2016-1246: Buffer overflow in DBD-mysql

RESOLVED FIXED

Status

()

bugzilla.mozilla.org
Infrastructure
RESOLVED FIXED
a year ago
a year ago

People

(Reporter: alm, Unassigned)

Tracking

Production

Details

(Reporter)

Description

a year ago
Reference:
http://www.openwall.com/lists/oss-security/2016/10/03/7
https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2

--

When a reporting a variable bind error, DBD-mysql would try to
construct the error message in a fixed-size buffer on the stack,
possibly leading to arbitrary code execution.

It depends on the application whether untrusted data is included in
the error message.  -D_FORTIFY_SOURCE=2 would catch this and turn the
issue into a mere crash.
This will be resolved by the next bmo push, see bug 1307294.
Depends on: 1307294
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
(Reporter)

Updated

a year ago
Group: infra, mozilla-employee-confidential
You need to log in before you can comment on or make changes to this bug.