[8153] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: buffer overflow in dbadmin

daemon@ATHENA.MIT.EDU (duke)
Fri Oct 9 13:53:20 1998

Date: 	Fri, 9 Oct 1998 03:02:53 +0000
Reply-To: duke <duke@VIPER.NET.AU>
From: duke <duke@VIPER.NET.AU>
To: BUGTRAQ@NETSPACE.ORG

>

hi,

> dbadmin.c:    strcpy(op_temp,curField->name);
> dbadmin.c:      strcat(rec_new,curField->name);

both op_temp and rec_new are malloc()'d so they are safe enough. dbadmin
still looks exploitable however from:

    strcat(qbuf,thetable);

qbuf is not malloc'd but is a global variable.

-- Mark


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[8153] in bugtraq

Re: buffer overflow in dbadmin

daemon@ATHENA.MIT.EDU (duke)Fri Oct 9 13:53:20 1998

daemon@ATHENA.MIT.EDU (duke)
Fri Oct 9 13:53:20 1998