From owner-freebsd-security  Thu Apr  5  7:18:57 2001
Delivered-To: freebsd-security@freebsd.org
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42])
	by hub.freebsd.org (Postfix) with ESMTP id 2EE6037B496
	for <freebsd-security@FreeBSD.ORG>; Thu,  5 Apr 2001 07:18:53 -0700 (PDT)
	(envelope-from ache@nagual.pp.ru)
Received: (from ache@localhost)
	by nagual.pp.ru (8.11.3/8.11.3) id f35EIlk98936;
	Thu, 5 Apr 2001 18:18:47 +0400 (MSD)
	(envelope-from ache)
Date: Thu, 5 Apr 2001 18:18:45 +0400
From: "Andrey A. Chernov" <ache@nagual.pp.ru>
To: Mark.Andrews@nominum.com
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: ntpd: committed fix still contains buffer overrun
Message-ID: <20010405181844.A98479@nagual.pp.ru>
References: <200104050545.f355jVT38066@drugs.dv.isc.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200104050545.f355jVT38066@drugs.dv.isc.org>; from Mark.Andrews@nominum.com on Thu, Apr 05, 2001 at 03:45:31PM +1000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, Apr 05, 2001 at 15:45:31 +1000, Mark.Andrews@nominum.com wrote:

> -					while (isspace((int)(*(tp-1))))
> +					while (tp != buf &&
> +					       isspace((int)(*(tp-1))))

I wonder how many different variants of wrong cast people use in that
place: int, unsigned, etc. Proper cast is one: (unsigned char)
Please, fix.


-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message