Date: Fri, 26 Jan 2001 01:32:19 -0500 (EST) From: Mike Heffner <mheffner@vt.edu> To: Mark Murray <mark@grondar.za> Cc: FreeBSD-audit <FreeBSD-audit@FreeBSD.ORG> Subject: Re: lam(1) patch Message-ID: <XFMail.20010126013219.mheffner@vt.edu> In-Reply-To: <200101260624.f0Q6NZW05123@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On 26-Jan-2001 Mark Murray wrote: |> The following patch fixes the following: |> |> - sprintf() -> snprintf() |> - manual (unbounded) while() loop string copying -> strlcpy() |> - use tolower() rather than bit or'ing |> - sanity check the user specified printf() format |> - prevent walking off end of inputfile array |> - some other string bounds issues |> |> Reviews please? | | Looks cool to me. | | While you are in there, you probably also want to blow away the "register" | keyword(s) on the lines you are messing with. | Well I removed one register variable completely because it was no longer needed, but I hadn't touched any other variables. Should I remove "register" from some of the other variables? -- Mike Heffner <mheffner@vt.edu> Blacksburg, VA ICQ# 882073 http://filebox.vt.edu/users/mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.20010126013219.mheffner>