Date: Fri, 3 Dec 1999 22:51:29 -0700 (MST)
From: Paul Hart <hart@iserver.com>
To: Kris Kennaway <kris@hub.freebsd.org>
Cc: audit@FreeBSD.ORG
Subject: Re: Buffer overflows in libc (yp)
Message-ID: <Pine.BSF.4.21.9912032247210.58329-100000@anchovy.orem.iserver.com>
In-Reply-To: <Pine.BSF.4.21.9912032127370.19005-100000@hub.freebsd.org>
On Fri, 3 Dec 1999, Kris Kennaway wrote:
> - strcpy(ysd->dom_domain, dom);
> + strlcpy(ysd->dom_domain, dom, sizeof(ysd->dom_domain)-1);
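Review bot: the size argument on the `+` line, sizeof(ysd->dom_domain)-1, is one less than strlcpy(3) expects. strlcpy takes the full destination size and always NUL-terminates within it, so the -1 is not needed for safety and only shortens the longest domain that fits by one byte; pass sizeof(ysd->dom_domain). The return value is also discarded, so a truncated domain name would be used silently; comparing it against the buffer size would catch that. Both points assume dom_domain is an array member, which the hunk does not show.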
Shouldn't that be:
strlcpy(ysd->dom_domain, dom, sizeof(ysd->dom_domain));
instead? I think one of the things that strlcpy(3) tries to address is
the general confusion over SIZE vs. SIZE - 1 that plagues some of the
other C string functions.
Paul Hart
--
Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc.
hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/
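The SIZE vs. SIZE - 1 point from the reply above, as an added example that is not part of the original message or of FreeBSD's libc. my_strlcpy is a local stand-in with strlcpy(3) semantics, and struct demo with its 8-byte field is constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Local stand-in with strlcpy(3) semantics (named my_strlcpy so it does not
 * clash with a libc that already provides strlcpy): copy at most size-1
 * bytes, always NUL-terminate when size > 0, return strlen(src). */
static size_t my_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Constructed struct: an 8-byte field standing in for dom_domain,
 * followed by a guard byte that must never be overwritten. */
struct demo { char dom_domain[8]; char guard; };

/* Copy dom using the given size argument. Returns the number of characters
 * actually stored and sets *truncated when the source did not fit. */
static size_t copy_domain(struct demo *d, const char *dom, size_t size,
                          int *truncated)
{
    d->guard = 'G';
    memset(d->dom_domain, 'x', sizeof(d->dom_domain));
    *truncated = my_strlcpy(d->dom_domain, dom, size) >= size;
    return strlen(d->dom_domain);
}

int main(void)
{
    struct demo d;
    int t;
    const char *fits = "example";   /* 7 chars + NUL = exactly 8 bytes */
    size_t n;

    n = copy_domain(&d, fits, sizeof(d.dom_domain), &t);
    printf("size:   stored %zu chars, truncated=%d\n", n, t);
    n = copy_domain(&d, fits, sizeof(d.dom_domain) - 1, &t);
    printf("size-1: stored %zu chars, truncated=%d\n", n, t);
    return 0;
}
```

With the full size the 7-character name is stored whole; with size - 1 the same name loses its last character even though the buffer had room for it.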
