National Institute of Standards and Technology
Package illustrating a test case

Test case 1286

Description

Realpath() overflow CERT advisory: CA-1999-03/CVE-1999-0368.
PATCHED version.
From MIT benchmarks (models/wu-ftpd/f3).
A path overflow inside realpath() function that canonicalizes a pathname.
To exploit this vulnerability, an attacker would first have to create a
deep directory structure.
Patched file: realpath-2.4.2-ok.c
Patched line numbers:
189, 267, 271, 298, 309, 320, 336, 348, 377, 390, 400, 413, 423, 437, 447, 458, 480, 494, 515, 529, 541, 557, 569, 578, 589, 602, 612

Flaws

Test Suites

Have any comments on this test case? Please, send us an email.