[7129] in bugtraq
Re: patch for qpopper remote exploit bug
daemon@ATHENA.MIT.EDU (der Mouse)
Wed Jul 1 12:17:56 1998
Date: Tue, 30 Jun 1998 15:35:32 -0400
Reply-To: der Mouse <mouse@RODENTS.MONTREAL.QC.CA>
From: der Mouse <mouse@RODENTS.MONTREAL.QC.CA>
To: BUGTRAQ@NETSPACE.ORG
> Today, snprintf and vsnprintf are required. Without them, there's
> some code in the libraries which cannot be written safely.
> ie:
> gen/syslog.c: prlen = vsnprintf(p, tbuf_left, fmt_cpy, ap);
Actually, stuff like this can be done just fine with what NetBSD (and
OpenBSD, presumably) calls funopen() - you don't actually {,v}snprintf.
Indeed, funopen() is a bit of a sledgehammer; all the rest of stdio
could be removed without losing any power (just convenience).
I actually prefer funopen() in most respects. In particular, it allows
things like printing into mallocked storage without having to impose a
length limit (which naive use of snprintf and strdup does).
stdio has desperately needed something like funopen() for a long time.
It was so egregiously missing that I hacked it into the 4.3 stdio back
when I was working with 4.3...I called it fopenfxn() and the interface
was a bit different, but it was basically the same idea.
der Mouse
mouse@rodents.montreal.qc.ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
