Date:      Thu, 6 Mar 1997 14:14:03 -0500 (EST)
From:      budzyn@clunix.cl.msu.edu (Joe Budzyn)
To:        freebsd-security@freebsd.org
Subject:   Re: FreeBSD lpd Security Vulnerability (fwd)
Message-ID:  <9703061914.AA21857@clunix.msu.edu>

> Apply the following patch, rebuild libc and install the shared
> library.  Since lpd is dynamically linked, this will fix the problem.
> 
> Index: rcmd.c
> ===================================================================
> RCS file: /home/imp/FreeBSD/CVS/src/lib/libc/net/rcmd.c,v
> retrieving revision 1.3.4.4
> retrieving revision 1.3.4.5
> diff -u -r1.3.4.4 -r1.3.4.5
> - --- rcmd.c	1997/02/09 06:57:54	1.3.4.4
> +++ rcmd.c	1997/02/26 06:14:11	1.3.4.5
> @@ -377,7 +377,8 @@
>  	if ((hp = gethostbyaddr((char *)&raddr, sizeof(u_long),
>  							AF_INET)) == NULL)
>  		return (-1);
> - -	strcpy(hname, hp->h_name);
> +	strncpy(hname, hp->h_name, sizeof(hname));
> +	hname[sizeof(hname) - 1] = '\0';
>  
>  	while (fgets(buf, sizeof(buf), hostf)) {
>  		p = buf;
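
Review bot: the added strncpy() call truncates hp->h_name silently when it does not fit in hname, so the code that follows works with a shortened host name that the resolver never returned. It would be safer to check strlen(hp->h_name) >= sizeof(hname) before copying and return (-1) in that case, the same way the gethostbyaddr() failure just above is handled. Separately, sizeof(hname) gives the buffer size only if hname is declared as an array in this function; the declaration is outside the visible context, so confirm it is not a pointer, where sizeof would yield the pointer size instead.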

When this patch is applied, nslookup breaks.  It needs to be recompiled to 
work.  Is there anything else that might break?

Joe Budzyn


