[4874] in bugtraq
Re: Buffer overflow in "lpr"
daemon@ATHENA.MIT.EDU (Warner Losh)
Wed Jul 9 04:39:25 1997
Date: Tue, 8 Jul 1997 13:41:12 -0600
Reply-To: Warner Losh <imp@VILLAGE.ORG>
From: Warner Losh <imp@VILLAGE.ORG>
X-To: deviant@netlite.com
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 08 Jul 1997 19:33:46 -0000."
<Pine.LNX.3.95.970708192857.10123A-100000@slartibartfast.sp.org>
-----BEGIN PGP SIGNED MESSAGE-----
In message <Pine.LNX.3.95.970708192857.10123A-100000@slartibartfast.sp.org> Peter writes:
: strncat(buf,file,BUFSIZE-strlen(buf));
Add a -1 after the strlen(buf) to allow space for the terminating
'\0'. I was confusing strncat and strncpy in the detail of NUL
termination in my earlier message, as many sharp Bugtraq readers have
pointed out to me.
Warner
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
iQCVAwUBM8KXqtxynu/2qPVhAQHN3AP+OmuqH1mvOBW3JR3aoBbnPsJkWNaPdD8X
UzdUBZq82uCjr9SXnF/hvn0KNH7zgAt1THRFnwT83IAExOaFQb5JxJe+sq8lSuRb
foxkSuOKpFVseJQjBhHGZuotxz/P6/uXlDZGPMJPYLkmbnBWmuKH9lIOvgrwt5g5
yrIU0vxHIws=
=CGQV
-----END PGP SIGNATURE-----
