From owner-freebsd-security  Thu Aug 31 00:42:33 1995
Return-Path: security-owner
Received: (from majordom@localhost)
          by freefall.FreeBSD.org (8.6.11/8.6.6) id AAA27271
          for security-outgoing; Thu, 31 Aug 1995 00:42:33 -0700
Received: from clinet.fi (clinet.fi [193.64.6.1])
          by freefall.FreeBSD.org (8.6.11/8.6.6) with ESMTP id AAA27265
          for <security@freebsd.org>; Thu, 31 Aug 1995 00:42:30 -0700
Received: from katiska.clinet.fi (root@katiska.clinet.fi [193.64.6.3]) by clinet.fi (8.6.10/8.6.4) with ESMTP id KAA26324; Thu, 31 Aug 1995 10:42:25 +0300
From: Heikki Suonsivu <hsu@clinet.fi>
Received: (hsu@localhost) by katiska.clinet.fi (8.6.12/8.6.4) id KAA26949; Thu, 31 Aug 1995 10:42:25 +0300
Date: Thu, 31 Aug 1995 10:42:25 +0300
Message-Id: <199508310742.KAA26949@katiska.clinet.fi>
To: "Jonathan M. Bresler" <jmb@kryten.Atinc.COM>
Cc: security@freebsd.org
Subject: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 (fwd)
In-Reply-To: <Pine.3.89.9508282325.D12292-0100000@kryten.atinc.com>
References: <Pine.3.89.9508282325.D12292-0100000@kryten.atinc.com>
Organization: Clinet Ltd, Espoo, Finland
Sender: security-owner@freebsd.org
Precedence: bulk


Jonathan M. Bresler writes:
 > buffers and uses sprintf to write to them.  should be changed to 
 > snprintf--a quick persual says that should do the trick

sprintf %s format takes maximum string length, like %.5s copies maximum of
5 characters.  This could also be used.  snprintf looses the end of the
thing printed, while %.ns only looses bytes from the offending string.

-- 
Heikki Suonsivu, T{ysikuu 10 C 83/02210 Espoo/FINLAND,
hsu@clinet.fi  home +358-0-8031121 work -4375209 fax -4555276