From owner-cvs-sbin  Sun Jul 28 13:29:22 1996
Return-Path: owner-cvs-sbin
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id NAA08577
          for cvs-sbin-outgoing; Sun, 28 Jul 1996 13:29:22 -0700 (PDT)
Received: (from peter@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id NAA08557;
          Sun, 28 Jul 1996 13:29:12 -0700 (PDT)
Date: Sun, 28 Jul 1996 13:29:12 -0700 (PDT)
From: Peter Wemm <peter>
Message-Id: <199607282029.NAA08557@freefall.freebsd.org>
To: CVS-committers, cvs-all, cvs-sbin
Subject: cvs commit:  src/sbin/ping ping.c
Sender: owner-cvs-sbin@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

peter       96/07/28 13:29:11

  Modified:    sbin/ping  ping.c
  Log:
  Limit the risk of `buf' overrun in ping.c when printing hostnames.
  
  Note, this is not really a security risk, because the buffer in question
  is a static variable in the data segment and not on the stack, and hence
  cannot subert the flow of execution in any way.  About the worst case was
  that if you pinged a long hostname, ping could coredump.
  
  Pointed out on: bugtraq  (listserv@netspace.org)
  
  Revision  Changes    Path
  1.6       +3 -2      src/sbin/ping/ping.c