Problem

suexec can dump core or produce incorrect logs of arguments when a very long argument list is given to the program being executed.

Solution

A 1024 byte fixed-size buffer is used for the log message. In the case when this buffer is not large enough, an attempt to allocate a larger buffer is made. On some platforms this fails depending on how the system implements variable argument lists (va_list).

This issue is fixed in BoKS Manager version 7.0. For BoKS versions pre-7.0, this issue is fixed in hotfix HFBM-0054. In the hotfix, the code has been changed to use a much larger initial buffer and also corrected to make sure the fallback method doesn't fail. This hotfix contains a corrected suexec for all platforms since it is complicated to determine exactly what platforms are affected by the issue. 64-bit Linux platforms are known to be affected.

Hotfix HFBM-0054 is available for download from the HelpSystems Community Portal.


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: May 25, 2018