[39906] in Cypherpunks
Re: Another Netscape Bug (and possible security hole)
daemon@ATHENA.MIT.EDU (John Lull)
Fri Sep 22 16:59:38 1995
From: lull@acm.org (John Lull)
To: herbs@interlog.com (Herb Sutter)
Cc: cypherpunks@toad.com
Date: Fri, 22 Sep 1995 20:49:41 GMT
On Fri, 22 Sep 1995 09:47:35 -0400, herbs@interlog.com (Herb Sutter)
wrote:
> Don't just look at this bug, though... check ALL your static buffers and
> include code to check for overflow writes. For example, if Netscape is
> written in C or C++ and the above code uses strcpy(), you could change
> strcpy() to strncpy() everywhere (and then set the last char to null in case
> strncpy() didn't). Your programmers will know what I mean.
Better yet, ban both strncpy and strncat. Replace them with
differently-named routines (strbcpy and strbcat?) that, given a buffer
length, are GUARANTEED to always give you a properly terminated string
that (including the terminator) does not overflow the specified
buffer.
Even better, use a good string class that does all this automatically
all the time.
