From owner-freebsd-questions@FreeBSD.ORG  Wed Aug 27 08:31:47 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3CD3116A4BF
	for <questions@freebsd.org>; Wed, 27 Aug 2003 08:31:47 -0700 (PDT)
Received: from webserver.get-linux.org
	(adsl-64-161-78-226.dsl.lsan03.pacbell.net [64.161.78.226])
	by mx1.FreeBSD.org (Postfix) with SMTP id 6682443FBD
	for <questions@freebsd.org>; Wed, 27 Aug 2003 08:31:46 -0700 (PDT)
	(envelope-from oremanj@webserver.get-linux.org)
Received: (qmail 27098 invoked by uid 1000); 27 Aug 2003 15:33:43 -0000
Date: Wed, 27 Aug 2003 08:33:43 -0700
From: Joshua Oreman <oremanj@get-linux.org>
To: Alexander Leidinger <Alexander@Leidinger.net>
Message-ID: <20030827153343.GA27037@webserver>
References: <20030817130114.2bfb3cf1.Alexander@Leidinger.net>
	<20030817133824.GA71246@madman.celabo.org>
	<20030818115928.20c1c570.Alexander@Leidinger.net>
	<20030827081036.GL47959@garage.freebsd.pl>
	<20030827111733.23d7bb71.Alexander@Leidinger.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030827111733.23d7bb71.Alexander@Leidinger.net>
User-Agent: Mutt/1.4.1i
cc: questions@freebsd.org
Subject: Re: SecFix for databases/firebird, please review
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Aug 2003 15:31:47 -0000

On Wed, Aug 27, 2003 at 11:17:33AM +0200 or thereabouts, Alexander Leidinger wrote:
> On Wed, 27 Aug 2003 10:10:36 +0200
> Pawel Jakub Dawidek <nick@garage.freebsd.pl> wrote:
> 
> > On Mon, Aug 18, 2003 at 11:59:28AM +0200, Alexander Leidinger wrote:
> > +> Thanks for the review. I've updated
> > +> http://www.leidinger.net/FreeBSD/firebird-1.0.2-secfix.tar.bz2 (modulo
> > +> Chris' work in progress). I'm looking forward to the next round. :-)
> > 
> > IMHO there are still problems with strncat(3).
> > 
[ ... ]
> > You also still don't add:
> > 
> > 	buf[sizeof(buf) - 1] = '\0';
> > 
> > after all strncat(3)s.
> 
> Hmmm... yes, I see the problem...

>From strncat(3):
	char* strncat (char * restrict s, const char * restrict append, size_t count);
	[ ... ]
	The strncat function appends not more than count characters from
	append, and then adds a terminating `\0'.
	(emphasis added) ^^^^^^^^^^^^^^^^^^^^^^^

So here there really isn't a problem.

-- Josh