From owner-freebsd-chat Tue Dec 17 01:22:35 1996 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id BAA10598 for chat-outgoing; Tue, 17 Dec 1996 01:22:35 -0800 (PST) Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11]) by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id BAA10577 for ; Tue, 17 Dec 1996 01:22:24 -0800 (PST) Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id KAA08004; Tue, 17 Dec 1996 10:21:35 +0100 Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id KAA02640; Tue, 17 Dec 1996 10:21:33 +0100 Received: (from j@localhost) by uriah.heep.sax.de (8.8.4/8.6.9) id KAA14465; Tue, 17 Dec 1996 10:06:02 +0100 (MET) From: J Wunsch Message-Id: <199612170906.KAA14465@uriah.heep.sax.de> Subject: Re: crontab security hole To: chat@freebsd.org Date: Tue, 17 Dec 1996 10:06:02 +0100 (MET) Cc: downsj@teeny.org (Jason Downs) Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) In-Reply-To: <199612170316.TAA22717@threadway.teeny.org> from Jason Downs at "Dec 16, 96 07:16:12 pm" X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E X-Mailer: ELM [version 2.4ME+ PL17 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-chat@freebsd.org X-Loop: FreeBSD.org Precedence: bulk As Jason Downs wrote: > strncat() always terminates, strncpy() does not if it runs out of space. I've been confused about the former, but the latter is what i call an error by design. (There are more of them in the C standard library, like the missing snprintf() or a similar function, and the existance of gets().) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)