Date: Fri, 18 Jul 1997 11:52:55 -0700 (PDT) From: Warner Losh <imp@FreeBSD.ORG> To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-usrsbin@FreeBSD.ORG Subject: cvs commit: src/usr.sbin/lpr/common_source common.c Message-ID: <199707181852.LAA15879@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
imp 1997/07/18 11:52:54 PDT Modified files: usr.sbin/lpr/common_source common.c Log: Add code to make sure that we don't overflow the buffer that we copy the hostname into. In theory the bind library should do this, but in practice the limites between system defines and bind defines make an attack using this vector possible. These patches have been in use on my systems for three months now, so I am fairly confident about them. I plan on commiting this to 2.2 and 2.1 in the near future, as well as many other patches of this nature. Revision Changes Path 1.5 +4 -1 src/usr.sbin/lpr/common_source/common.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707181852.LAA15879>