Date: Thu, 7 Dec 2000 04:00:04 -0800 (PST) From: Dag-Erling Smorgrav <des@ofug.org> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/23352: [SECURITY] buffer overflow in opieftpd Message-ID: <200012071200.eB7C04f30017@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/23352; it has been noted by GNATS. From: Dag-Erling Smorgrav <des@ofug.org> To: venglin@freebsd.lublin.pl Cc: FreeBSD-gnats-submit@FreeBSD.ORG Subject: Re: bin/23352: [SECURITY] buffer overflow in opieftpd Date: 07 Dec 2000 12:54:15 +0100 venglin@freebsd.lublin.pl writes: > ftpd_popen() from opieftpd contains buffer overflow. opieftpd is not > compiled by default. While you're there, you might want to rewrite ftpd_popen() (both in opieftpd and regular ftpd - they should be identical, or at least very similar) so that it takes a list of arguments instead of a single string which it breaks into arguments. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012071200.eB7C04f30017>