[7064] in bugtraq
Re: QPOPPER problem.... ONE crude patch...
daemon@ATHENA.MIT.EDU (Daniel Ryde)
Sat Jun 27 18:10:08 1998
Date: Sat, 27 Jun 1998 18:31:05 +0200
Reply-To: Daniel Ryde <ryde@TRIPNET.SE>
From: Daniel Ryde <ryde@TRIPNET.SE>
X-To: Tom Brown <tbrown@BAREMETAL.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.96.980627012343.1876C-100000@tom2.baremetal.com>
On Sat, 27 Jun 1998, Tom Brown wrote:
> vsnprintf(mp,sizeof(message)-(mp - message)-3,format,ap);
Dangerous, if the string is truncated it will skip the null termination,
then later the strcat might fail miserably (unless all arcitectures makes
for sure that, when allocated, the string is filled with null, which I
really doubt). Another note is the next lines of sprintf (architectures
that dont have vsprintf) that will have the same problem as vsprintf.
Change these to snprintf in a similar way, and add a null to the end.
Best Regards
Daniel Ryde, System Administrator
__________________________________________________________________________
Tripnet AB Visit Address: Telephone: +46 31 7252500
Box 5071 Avagen 42 Facsimile: +46 31 7252501
S-402 22 GOTEBORG GOTEBORG Email: ryde@tripnet.se
Sweden Sweden
