From owner-freebsd-security Fri Jun 23 22: 2:13 2000 Delivered-To: freebsd-security@freebsd.org Received: from obie.softweyr.com (obie.softweyr.com [204.68.178.33]) by hub.freebsd.org (Postfix) with ESMTP id 6B48337B72C for ; Fri, 23 Jun 2000 22:02:07 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.com (Foolstrustident!@homer.softweyr.com [204.68.178.39]) by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id XAA15000; Fri, 23 Jun 2000 23:01:37 -0600 (MDT) (envelope-from wes@softweyr.com) Message-ID: <3954410B.5716EE5D@softweyr.com> Date: Fri, 23 Jun 2000 23:03:07 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.0-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: dima@rdy.com Cc: Koga Youichirou , wollman@khavrinen.lcs.mit.edu, silby@silby.com, freebsd-security@FreeBSD.ORG Subject: Re: Fwd: WuFTPD: Providing *remote* root since at least1994 References: <200006240411.VAA82687@sivka.rdy.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dima Ruban wrote: > > What's the purpose of this patch? > I didn't look at the code, but to me it sounds like it's pretty much > irrelevant whether you gonna use ``foo(fmt, string)'' or ``foo(string)'' If string contains formatting codes, foo("%s", string) does the right thing and just puts out the formatting codes in the string. foo(string) tries to interpret the embedded format codes and blows the stack. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message