From owner-freebsd-stable  Fri Nov  1 01:08:32 1996
Return-Path: owner-stable
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id BAA09975
          for stable-outgoing; Fri, 1 Nov 1996 01:08:32 -0800 (PST)
Received: from gw-nl1.philips.com (gw-nl1.philips.com [192.68.44.33])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id BAA09968;
          Fri, 1 Nov 1996 01:08:28 -0800 (PST)
Received: (from nobody@localhost) 
	by gw-nl1.philips.com (8.6.10/8.6.10-0.994n-08Nov95) id KAA19644; Fri, 1 Nov 1996 10:07:43 +0100
Received: from unknown(130.139.36.3) by gw-nl1.philips.com via smap (V1.3+ESMTP) with ESMTP
	id sma019531; Fri Nov  1 10:07:18 1996
Received: from spooky.lss.cp.philips.com (spooky.lss.cp.philips.com [130.144.199.105]) 
	by smtprelay.nl.cis.philips.com (8.6.10/8.6.10-1.2.1m-961030) with ESMTP id KAA10180; Fri, 1 Nov 1996 10:07:17 +0100
Received: (from guido@localhost) 
	by spooky.lss.cp.philips.com (8.6.10/8.6.10-0.991c-08Nov95) id KAA26376; Fri, 1 Nov 1996 10:07:16 +0100
From: Guido van Rooij <Guido.vanRooij@nl.cis.philips.com>
Message-Id: <199611010907.KAA26376@spooky.lss.cp.philips.com>
Subject: Re: rwhod buffer overflow bug
To: imp@village.org (Warner Losh)
Date: Fri, 1 Nov 1996 10:07:16 +0100 (MET)
Cc: Don.Lewis@tsc.tdk.com, freebsd-security@FreeBSD.ORG,
        freebsd-stable@FreeBSD.ORG
Reply-To: guido@gvr.win.tue.nl
In-Reply-To: <E0vJDCv-0002sf-00@rover.village.org> from Warner Losh at "Oct 31, 96 11:35:57 pm"
X-Mailer: ELM [version 2.4ME+ PL19 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-stable@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Warner Losh wrote:
> In message <199611010236.SAA05376@salsa.gv.ssi1.com> Don Lewis writes:
> : The wd_hostname buffer overflow bug in rwhod that came to light a couple
> : months ago appears to have been fixed in -current, but the fix never
> : seems to have been made to -stable.
> 
> I can do the CVS legwork if someone has a -stable system to test it
> on.
> 

I've got a 2.1.5. Send them to me. (I don't believe rwhod was otherwise
changed between 2.1.5 and -stable)

> Warner
> 
> P.S.  I just noticed and fixed two minor buffer related problems in
> rwhod.c that I happened to notice as I was looking at this code.  Yow!
> 

Send these as well ;-)

-Guido