Date: Fri, 2 Aug 2002 05:12:26 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: security@freebsd.org Subject: [ache@FreeBSD.org: cvs commit: src/lib/libc/locale setlocale.c] Message-ID: <20020802011225.GA6411@nagual.pp.ru>
next in thread | raw e-mail | index | archive | help
Please fill security advisory for this fix (first part). That original BSD
code bug can be exploitable.
----- Forwarded message from "Andrey A. Chernov" <ache@FreeBSD.org> -----
Date: Thu, 1 Aug 2002 18:04:49 -0700 (PDT)
From: "Andrey A. Chernov" <ache@FreeBSD.org>
Subject: cvs commit: src/lib/libc/locale setlocale.c
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
ache 2002/08/01 18:04:49 PDT
Modified files:
lib/libc/locale setlocale.c
Log:
Prevent out of bounds writting for too many slashes case.
Replace strnpy + ='\0' with strlcpy
MFC after: 1 day
Revision Changes Path
1.35 +10 -14 src/lib/libc/locale/setlocale.c
----- End forwarded message -----
--
Andrey A. Chernov
http://ache.pp.ru/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020802011225.GA6411>