Date: Mon, 4 Dec 2000 21:48:25 -0500 From: Will Andrews <will@physics.purdue.edu> To: Max Khon <fjoe@iclub.nsu.ru> Cc: Will Andrews <will@physics.purdue.edu>, audit@FreeBSD.ORG Subject: Re: usr.bin audit patch Message-ID: <20001204214825.Z570@puck.firepipe.net> In-Reply-To: <Pine.BSF.4.21.0012050838500.79263-100000@iclub.nsu.ru>; from fjoe@iclub.nsu.ru on Tue, Dec 05, 2000 at 08:43:26AM %2B0600 References: <20001204201058.W570@puck.firepipe.net> <Pine.BSF.4.21.0012050838500.79263-100000@iclub.nsu.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Dec 05, 2000 at 08:43:26AM +0600, Max Khon wrote: > p = cmd; > - p += sprintf(cmd, "exec %s", argv[0]); > + p += snprintf(cmd, sizeof(cmd), "exec %s", argv[0]); > for (i = 1; i <= nargs; i++) > - p += sprintf(p, " %c%d", magic, i); > + p += snprintf(p, sizeof(p), " %c%d", magic, i); > > sizeof(p) == sizeof(void *) (== 4 on i386) -- it is not what your tried to > achieve. also do not use strncpy/strncat instead of strcpy/strcat. in most > cases this is useless -- use strlcpy/strlcat instead Ah, ok. You have a point about the latter diff, what about the former? It seems a huge hole to allow a user to specify input via command-line -- even if it's the command itself (argv[0]). -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001204214825.Z570>