Date: Wed, 24 Jul 1996 15:55:18 -0400 From: "Gary Palmer" <gpalmer@FreeBSD.org> To: Victor Rotanov <vitjok@fasts.lv> Cc: freebsd-security@FreeBSD.org Subject: Re: unofficial rlogin security patch Message-ID: <8267.838238118@orion.webspan.net> In-Reply-To: Your message of "Wed, 24 Jul 1996 22:47:56 -0000." <Pine.BSF.3.91.960724224208.1446A-100000@server.fasts.lv>
next in thread | previous in thread | raw e-mail | index | archive | help
Victor Rotanov wrote in message ID <Pine.BSF.3.91.960724224208.1446A-100000@server.fasts.lv>: > This will not allow buffer overrun caused by setting TERM environment > variable to something longer than 1024 bytes. In that case the patch was backwards (by my reading) ... you were changing strncpy to strcpy, which is what confused me (sorry, I didn't have time to check the source). Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8267.838238118>