Date: Sat, 14 Apr 2007 18:31:46 +0200 From: Roman Divacky <rdivacky@freebsd.org> To: Maxim Konovalov <maxim@macomnet.ru> Cc: current@freebsd.org Subject: Re: off-by-one error in sbin/atm Message-ID: <20070414163146.GA83428@freebsd.org> In-Reply-To: <20070414200928.F9990@mp2.macomnet.net> References: <20070414154242.GA82355@freebsd.org> <20070414200928.F9990@mp2.macomnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Apr 14, 2007 at 08:09:40PM +0400, Maxim Konovalov wrote: > On Sat, 14 Apr 2007, 17:42+0200, Roman Divacky wrote: > > > hi > > > > in /usr/src/sbin/atm/atmconfig/diag.c on line 871 there's > > off-by-one error. array of size IFNAMSIZ is being written > > on IFNAMSIZ, ie. one byte after the array. > > > > this code > > ifr.ifr_name[IFNAMSIZ] = '\0'; > > should be > > ifr.ifr_name[IFNAMSIZ-1] = '\0'; > > > > thnx for fixing it :) > > fixed, thanks. thnx, that was fast :) just a note.. this was found by compiling world using gcc43. I wonder how many more I'll find :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070414163146.GA83428>