Date: Fri, 02 Aug 2002 11:36:35 -0400 From: Mike Tancsa <mike@sentex.net> To: "Andrey A. Chernov" <ache@nagual.pp.ru>, security@FreeBSD.ORG Subject: Re: [ache@FreeBSD.org: cvs commit: src/lib/libc/locale setlocale.c] Message-ID: <5.1.1.6.0.20020802113549.0541a008@marble.sentex.ca> In-Reply-To: <20020802011225.GA6411@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
Was this still going to be MFC'd ?
---Mike
At 05:12 AM 02/08/2002 +0400, Andrey A. Chernov wrote:
>Please fill security advisory for this fix (first part). That original BSD
>code bug can be exploitable.
>
>----- Forwarded message from "Andrey A. Chernov" <ache@FreeBSD.org> -----
>
>Date: Thu, 1 Aug 2002 18:04:49 -0700 (PDT)
>From: "Andrey A. Chernov" <ache@FreeBSD.org>
>Subject: cvs commit: src/lib/libc/locale setlocale.c
>To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
>
>ache 2002/08/01 18:04:49 PDT
>
> Modified files:
> lib/libc/locale setlocale.c
> Log:
> Prevent out of bounds writting for too many slashes case.
> Replace strnpy + ='\0' with strlcpy
>
> MFC after: 1 day
>
> Revision Changes Path
> 1.35 +10 -14 src/lib/libc/locale/setlocale.c
>
>----- End forwarded message -----
>
>--
>Andrey A. Chernov
>http://ache.pp.ru/
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.0.20020802113549.0541a008>