Date: Mon, 15 Jul 1996 09:51:26 +1000 From: Bruce Evans <bde@zeta.org.au> To: pst@shockwave.com, thorpej@nas.nasa.gov Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org, nate@freefall.freebsd.org, wosch@cs.tu-berlin.de Subject: Re: cvs commit: src/usr.bin/rdist defs.h docmd.c expand.c lookup.c server.c Message-ID: <199607142351.JAA10509@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
> > That's way over-board. The only case where sprintf can get you into trouble > > is if you're sprintfing tainted variables (to steal a perl term) into a stack > > buffer. >It may be overboard, but it certainly doesn't _hurt_ :-) It may give a false sense of security. > > Should we disable sprintf() for sgid/suid programs? Why stop there? Convert all strcpy()s to snprintf()s. Convert all pointers to arrays. Implement array bounds checking. Actually use array bounds checking. !-) Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607142351.JAA10509>