From owner-cvs-usrsbin  Fri Oct 25 11:15:04 1996
Return-Path: owner-cvs-usrsbin
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id LAA06329
          for cvs-usrsbin-outgoing; Fri, 25 Oct 1996 11:15:04 -0700 (PDT)
Received: (from imp@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id LAA06300;
          Fri, 25 Oct 1996 11:14:50 -0700 (PDT)
Date: Fri, 25 Oct 1996 11:14:50 -0700 (PDT)
From: Warner Losh <imp>
Message-Id: <199610251814.LAA06300@freefall.freebsd.org>
To: CVS-committers, cvs-all, cvs-usrsbin
Subject: cvs commit:  src/usr.sbin/lpr/lpr lpr.c
Sender: owner-cvs-usrsbin@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

imp         96/10/25 11:14:50

  Modified:    usr.sbin/lpr/lpr  lpr.c
  Log:
  Fix a problem where the command line could be used to overflow a stack
  buffer which could be made to lead to a root shell.  This patch is
  OpenBSD's solution to the problem, and will silently truncate the
  output rather than overflow the buffer.
  
  Obtained from: OpenBSD
  
  Revision  Changes    Path
  1.8       +2 -2      src/usr.sbin/lpr/lpr/lpr.c