Date: Tue, 5 Jun 2001 06:58:52 -0500 From: "Jacques A. Vidrine" <n@nectar.com> To: freebsd-audit@freebsd.org Cc: mikeh@freebsd.org Subject: Re: Fwd: [$HOME buffer overflow in SunOS 5.8 x86] Message-ID: <20010605065852.B30939@shade.nectar.com> In-Reply-To: <20010604191356.A48356@shade.nectar.com>; from n@nectar.com on Mon, Jun 04, 2001 at 07:13:57PM -0500 References: <20010604185510.B47924@shade.nectar.com> <20010604191356.A48356@shade.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 04, 2001 at 07:13:57PM -0500, Jacques A. Vidrine wrote: > On Mon, Jun 04, 2001 at 06:55:11PM -0500, Jacques A. Vidrine wrote: > > There are several other potential overflows (sprintf, strcpy), but > > here is a patch for ones involving HOME. I don't think this > > represents a security problem, though. > > Oops, forgot patch to extern.h. Here's the whole set again, with that > leading. I had a dream last night that someone already patched this, and more, in -CURRENT over 2 months ago, and that I had even reviewed the changes 8-) I don't know why I didn't check -CURRENT before doing a quick fix. Mike, how about MFCing your mail commits? Cheers, -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010605065852.B30939>