Date: Wed, 27 Aug 2003 08:33:43 -0700 From: Joshua Oreman <oremanj@get-linux.org> To: Alexander Leidinger <Alexander@Leidinger.net> Cc: questions@freebsd.org Subject: Re: SecFix for databases/firebird, please review Message-ID: <20030827153343.GA27037@webserver> In-Reply-To: <20030827111733.23d7bb71.Alexander@Leidinger.net> References: <20030817130114.2bfb3cf1.Alexander@Leidinger.net> <20030817133824.GA71246@madman.celabo.org> <20030818115928.20c1c570.Alexander@Leidinger.net> <20030827081036.GL47959@garage.freebsd.pl> <20030827111733.23d7bb71.Alexander@Leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 27, 2003 at 11:17:33AM +0200 or thereabouts, Alexander Leidinger wrote: > On Wed, 27 Aug 2003 10:10:36 +0200 > Pawel Jakub Dawidek <nick@garage.freebsd.pl> wrote: > > > On Mon, Aug 18, 2003 at 11:59:28AM +0200, Alexander Leidinger wrote: > > +> Thanks for the review. I've updated > > +> http://www.leidinger.net/FreeBSD/firebird-1.0.2-secfix.tar.bz2 (modulo > > +> Chris' work in progress). I'm looking forward to the next round. :-) > > > > IMHO there are still problems with strncat(3). > > [ ... ] > > You also still don't add: > > > > buf[sizeof(buf) - 1] = '\0'; > > > > after all strncat(3)s. > > Hmmm... yes, I see the problem... >From strncat(3): char* strncat (char * restrict s, const char * restrict append, size_t count); [ ... ] The strncat function appends not more than count characters from append, and then adds a terminating `\0'. (emphasis added) ^^^^^^^^^^^^^^^^^^^^^^^ So here there really isn't a problem. -- Josh
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030827153343.GA27037>