[15533] in bugtraq
Re: WuFTPD: Providing *remote* root since at least1994
daemon@ATHENA.MIT.EDU (Lars Mathiesen)
Wed Jun 28 19:12:35 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <1000628124327.ZM13619@fafnir>
Date: Wed, 28 Jun 2000 12:43:26 +0100
Reply-To: Lars Mathiesen <syl@ECMWF.INT>
From: Lars Mathiesen <syl@ECMWF.INT>
X-To: der Mouse <mouse@RODENTS.MONTREAL.QC.CA>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: der Mouse <mouse@RODENTS.MONTREAL.QC.CA> "Re: WuFTPD: Providing
*remote* root since at least1994" (Jun 26, 16:01)
On Jun 26, 16:01, der Mouse wrote:
> Well, IIRC snprintf() isn't specified by ANSI C at all, which would
> make this technically true but rather misleading.
>
> Of course, it's been a while since I made any effort to bring my
> knowledge of ANSI/ISO C up to current, so this could well have
> changed.
As of 2000-05-22, ANSI C is ANSI/ISO/IEC 9899-1999, i.e., C99.
(See "ANSI Standards Action", Volume 31, #12, June 16, 2000, page 13,
<URL:http://web.ansi.org/rooms/room_14/Public/pdfs/SAV3112.pdf>)
C99 does specify snprintf (in 7.19.6.5), and requires it to terminate
the string with a null character. (Unless that was changed since the
committee draft of 1998-08-03 (WG14/N843) which is what I have here).
> Regardless of what ANSI may say, though, I still consider it a serious
> bug for snprintf() to fail to NUL-terminate, except when the size
> parameter is zero.
No argument there.
--
Lars.Mathiesen@ecmwf.int
ECMWF, Shinfield Park,
Reading, Berks.
RG2 9AX England
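
Added example, not part of the original message or of any WuFTPD code: a formatting wrapper that gets the C99 7.19.6.5 behaviour discussed above (NUL termination whenever the size is non-zero) without depending on the C library to provide it, and that reports truncation to the caller. The names checked_format, required_length and fmt_result are hypothetical, and the "USER %s" input is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Result codes for checked_format (hypothetical names for this example). */
enum fmt_result { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_ERROR = 2 };

/*
 * Format into dst[size]. C99 7.19.6.5 guarantees NUL termination whenever
 * size > 0, and a return value equal to the length the full output needs.
 * Pre-C99 libraries differed on both points, so neither is relied on here.
 */
enum fmt_result checked_format(char *dst, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dst == NULL || size == 0)
        return FMT_ERROR;            /* nowhere to put even the NUL */

    va_start(ap, fmt);
    n = vsnprintf(dst, size, fmt, ap);
    va_end(ap);

    dst[size - 1] = '\0';            /* force termination regardless of libc */

    if (n < 0) {                     /* encoding error, or old-style "did not fit" */
        dst[0] = '\0';
        return FMT_ERROR;
    }
    if ((size_t)n >= size)           /* C99: output was cut short */
        return FMT_TRUNCATED;
    return FMT_OK;
}

/* C99 size-zero case: nothing is written, the needed length is returned. */
int required_length(const char *s)
{
    return snprintf(NULL, 0, "USER %s", s);
}

int main(void)
{
    char buf[8];                     /* constructed sample: too small on purpose */
    enum fmt_result r = checked_format(buf, sizeof buf, "USER %s", "anonymous");
    printf("result=%d buf=\"%s\" needed=%d\n", (int)r, buf, required_length("anonymous"));
    return 0;
}
```

Treating FMT_TRUNCATED as a failure, rather than continuing with the shortened string, keeps a cut-off value from being used as if it were the complete input.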