Date: Tue, 13 Aug 1996 06:22:07 -0700
From: "David E. Tweten" <tweten@frihet.com>
To: ollivier.robert@eurocontrol.fr (Ollivier Robert)
Cc: freebsd-security@FreeBSD.org
Subject: Re: SECURITY: LSF Update#11: Vulnerability of rlogin
Message-ID: <199608131322.GAA18894@ns.frihet.com>

ollivier.robert@eurocontrol.fr said:
>! if (strlen(term) + strlen(baud) < sizeof(term) - 1)
>! (void)strcat(term, baud);

This looks like a (reasonably harmless) off-by-one error to me. Shouldn't it
rather be (minimum change)

    if (strlen(term) + strlen(baud) <= sizeof(term) - 1)

or (most readable)

    if (strlen(term) + strlen(baud) + 1 <= sizeof(term))

or (least operations)

    if (strlen(term) + strlen(baud) < sizeof(term))

instead?
--
David E. Tweten         | PGP Key fingerprint:    | tweten@frihet.com
12141 Atrium Drive      | E9 59 E7 5C 6B 88 B8 90 | tweten@and.com
Saratoga, CA 95070-3162 | 65 30 2A A4 A0 BC 49 AE | (408) 446-4131
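
Review bot: in the test `strlen(term) + strlen(baud) < sizeof(term) - 1`, the bound is one byte tighter than strcat needs, and it is a buffer bound only if `term` is an array in this scope. strcat writes strlen(term) + strlen(baud) + 1 bytes counting the terminating NUL, so a combined length equal to sizeof(term) - 1 still fits but is rejected here; the check stays safe, it just skips the append in the exact-fit case. If `term` were a pointer, sizeof(term) would be the pointer size rather than the buffer size, so a named size constant or a short comment beside the test would make the intent checkable. The quoted lines also do not show what happens when the test fails; that path should be handled explicitly rather than leaving `term` without `baud` appended and no indication of it.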