From owner-freebsd-net Thu Oct 4 9:50:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from xerxes.courtesan.com (sdsl-64-32-146-211.dsl.lax.megapath.net [64.32.146.211]) by hub.freebsd.org (Postfix) with ESMTP id 5355937B403; Thu, 4 Oct 2001 09:50:33 -0700 (PDT) Received: from xerxes.courtesan.com (localhost.courtesan.com [IPv6:::1]) by xerxes.courtesan.com (8.12.1/8.12.1) with ESMTP id f94GoL4W028703; Thu, 4 Oct 2001 10:50:21 -0600 (MDT) Received: from xerxes.courtesan.com (millert@localhost) by xerxes.courtesan.com (8.12.1/8.12.0/Submit) with ESMTP id f94GoL10010161; Thu, 4 Oct 2001 10:50:21 -0600 (MDT) Message-Id: <200110041650.f94GoL10010161@xerxes.courtesan.com> To: Mike Barcroft Cc: Peter Pentchev , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch In-reply-to: Your message of "Thu, 04 Oct 2001 12:19:33 EDT." <20011004121933.B31795@coffee.q9media.com> References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> Date: Thu, 04 Oct 2001 10:50:20 -0600 From: "Todd C. Miller" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In message <20011004121933.B31795@coffee.q9media.com> so spake Mike Barcroft (mike): > Would you please test the attached patch and confirm that it solves > the problem? If it does, I'll commit it today. I doubt that is sufficient as "buf" is treated as a NUL terminated string in the calls to strstr(). Also note that it is not necessary to copy the buffer each time as in the original patch. You can only get a line w/o a newline as the last line before EOF. - todd To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message