Date: Thu, 6 Mar 1997 14:14:03 -0500 (EST)
From: budzyn@clunix.cl.msu.edu (Joe Budzyn)
To: freebsd-security@freebsd.org
Subject: Re: FreeBSD lpd Security Vulnerability (fwd)
Message-ID: <9703061914.AA21857@clunix.msu.edu>

> Apply the following patch, rebuild libc and install the shared
> library. Since lpd is dynamically linked, this will fix the problem.
>
> Index: rcmd.c
> ===================================================================
> RCS file: /home/imp/FreeBSD/CVS/src/lib/libc/net/rcmd.c,v
> retrieving revision 1.3.4.4
> retrieving revision 1.3.4.5
> diff -u -r1.3.4.4 -r1.3.4.5
> - --- rcmd.c 1997/02/09 06:57:54 1.3.4.4
> +++ rcmd.c 1997/02/26 06:14:11 1.3.4.5
> @@ -377,7 +377,8 @@
> if ((hp = gethostbyaddr((char *)&raddr, sizeof(u_long),
> AF_INET)) == NULL)
> return (-1);
> - - strcpy(hname, hp->h_name);
> + strncpy(hname, hp->h_name, sizeof(hname));
> + hname[sizeof(hname) - 1] = '\0';
>
> while (fgets(buf, sizeof(buf), hostf)) {
> p = buf;
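
Review bot: The two added lines silently truncate an over-long hp->h_name instead of rejecting it, so the code after the hunk continues with a host name that is not the one gethostbyaddr() returned. Since this function already bails out with return (-1) when the lookup fails, consider treating strlen(hp->h_name) >= sizeof(hname) the same way before copying. Also, sizeof(hname) is only the buffer size if hname is declared as an array; the declaration is outside this hunk and worth confirming.
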
When this patch is applied, nslookup breaks. It needs to be recompiled to
work. Is there anything else that might break?
Joe Budzyn
