Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 04 Oct 2001 10:50:20 -0600
From:      "Todd C. Miller" <Todd.Miller@courtesan.com>
To:        Mike Barcroft <mike@FreeBSD.ORG>
Cc:        Peter Pentchev <roam@ringlet.net>, freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG
Subject:   Re: [CFR] whois(1) out-of-bound access patch 
Message-ID:  <200110041650.f94GoL10010161@xerxes.courtesan.com>
In-Reply-To: Your message of "Thu, 04 Oct 2001 12:19:33 EDT." <20011004121933.B31795@coffee.q9media.com> 
References:  <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> 

next in thread | previous in thread | raw e-mail | index | archive | help
In message <20011004121933.B31795@coffee.q9media.com>
	so spake Mike Barcroft (mike):

> Would you please test the attached patch and confirm that it solves
> the problem?  If it does, I'll commit it today.

I doubt that is sufficient as "buf" is treated as a NUL terminated
string in the calls to strstr().  Also note that it is not necessary
to copy the buffer each time as in the original patch.  You can
only get a line w/o a newline as the last line before EOF.

 - todd

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110041650.f94GoL10010161>