[8387] in bugtraq
Re. ssh-1.2.26 patch for log_msg() overflow (scp fix)
daemon@ATHENA.MIT.EDU (Andrew Daviel)
Tue Nov 3 22:02:26 1998
Date: Tue, 3 Nov 1998 00:16:21 -0800
Reply-To: Andrew Daviel <advax@triumf.ca>
From: Andrew Daviel <andrew@ANDREW.TRIUMF.CA>
To: BUGTRAQ@NETSPACE.ORG
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Re. ssh-1.2.26 patch for log_msg() overflow:
I wrote:
>I see "va_list args" missing from scp.c; so I copied it from
>similar code in packet.c.
it's been pointed out to me that this is incorrect; try this instead:
diff -u -r scp.c.patched scp.c
- --- scp.c.patched Mon Nov 2 23:23:27 1998
+++ scp.c Mon Nov 2 23:23:42 1998
@@ -333,7 +333,7 @@
char buf[1024];
va_start(ap, fmt);
- - vsnprintf(buf, sizeof(buf), fmt, args);
+ vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
fprintf(stderr, "%s\n", buf);
exit(255);
apologies
Andrew Daviel
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQA/AwUBNj672VJ35y/HYktJEQJ43QCgsf117UjD/O8YV3sfEZVdE8X3xi0AoMQm
cFi2HYLtUbCeymfQ2PInjjv9
=oVNm
-----END PGP SIGNATURE-----
