[9293] in bugtraq
Re: Responses to: Unix Security Kernel Changes
daemon@ATHENA.MIT.EDU (Paul Braman)
Fri Jan 29 11:04:00 1999
Date: Fri, 29 Jan 1999 06:41:55 -0500
Reply-To: Paul Braman <aeon@TAMPABAY.RR.COM>
From: Paul Braman <aeon@TAMPABAY.RR.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.BSI.4.05L.9901281441270.4964-100000@cartman.netrail.net>
On Thu, 28 Jan 1999, Jonathan A. Zdziarski wrote:
> OK NOW: Let me introduce a new question to you. How come we cannot
> write our std c libraries to do something similar to this before
> performing strcat's, etc...
>
> a[sizeof(b)] = NULL (or 0);
>
> to nullify out position x of the variable being copied from where b is the
> variable being copied to ... so if b is a 128 byte array, a[128] =
> 0...if there's a null before that fine...it will stop there...if not, it
> will forcibly stop at 128 when it hits the null.
If a is *not* at least 128 bytes you've just overstepped your bounds.
Besides, when you have received b as a character pointer sizeof() will
return the size of the pointer, not the size of the character array.
Paul Braman
aeon@tampabay.rr.com
