Date: Sun, 12 Nov 2000 02:37:24 -0500 From: Will Andrews <will@physics.purdue.edu> To: Kris Kennaway <kris@citusc.usc.edu> Cc: audit@FreeBSD.ORG Subject: Re: make(1) string paranoia part 1 (fwd) Message-ID: <20001112023724.D555@puck.firepipe.net> In-Reply-To: <20001008233144.A39915@citusc17.usc.edu>; from kris@citusc.usc.edu on Sun, Oct 08, 2000 at 11:31:44PM -0700 References: <20001008233144.A39915@citusc17.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 08, 2000 at 11:31:44PM -0700, Kris Kennaway wrote: > Here. The NetBSD make(1) simply converts most of the sprintf() to > snprintf(). Sure, make(1) isn't really much of something that can be > exploited, but nothing wrong with a little string paranoia, IMO. It > also free()'s the strings properly. So... nobody has comments on this patch? I have tested it.. shall I commit? -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001112023724.D555>