From owner-freebsd-audit Thu Oct 4 23:46:54 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (straylight.ringlet.net [217.75.134.254]) by hub.freebsd.org (Postfix) with SMTP id D135637B409 for ; Thu, 4 Oct 2001 23:46:47 -0700 (PDT) Received: (qmail 3514 invoked by uid 1000); 5 Oct 2001 06:45:39 -0000 Date: Fri, 5 Oct 2001 09:45:39 +0300 From: Peter Pentchev To: Garrett Wollman Cc: Mike Barcroft , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011005094539.B650@ringworld.oblivion.bg> Mail-Followup-To: Garrett Wollman , Mike Barcroft , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> <200110041702.f94H2uQ08169@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200110041702.f94H2uQ08169@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Thu, Oct 04, 2001 at 01:02:56PM -0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Oct 04, 2001 at 01:02:56PM -0400, Garrett Wollman wrote: > < said: > > > - printf("%s\n", buf); > > + printf("%.*s\n", (int)len, buf); > > This is a *much* better patch. ..yet it needs more work: strstr() and strcspn() are used on a non-null-terminated string. And even if those are fixed, additional work is done for each input line, instead of only for the lines that actually need it (at most one per session). G'luck, Peter -- This sentence contains exactly threee erors. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message