[15607] in bugtraq
Re: WuFTPD: Providing *remote* root since at least1994
daemon@ATHENA.MIT.EDU (Kragen Sitaker)
Sun Jul 2 16:06:19 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.21.0006302124550.5801-100000@kirk.dnaco.net>
Date: Fri, 30 Jun 2000 21:43:02 -0400
Reply-To: Kragen Sitaker <kragen@POBOX.COM>
From: Kragen Sitaker <kragen@POBOX.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.GSO.4.21.0006301939150.3563-100000@kirk.dnaco.net>
[Elias, if you approve my previous post, I'd be most obliged if you'd
post this correction with it.]
On Fri, 30 Jun 2000, Kragen wrote:
> ftp://ftp.openbsd.org/pub/OpenBSD/src/lib/libc/string/. Theo de Raadt
> posted a portable, audited, well-tested implementation of snprintf to
> BUGTRAQ in 1997; unfortunately, his link to
> http://theos.org/~deraadt/snprintf.c is now broken.
Sorry, that's http://theos.com/~deraadt/snprintf.c, and it's still
broken. :)
However, http://theos.com/deraadt/snprintf.c works.
It's also not particularly portable, relying on mprotect(),
sigaction(), and sigsetjmp(), so it will only run on Unixes, and only
mostly POSIX-compliant ones, at that --- no ancient BSD without
sigaction and no ancient SysV without mprotect(). Also, it could
conceivably break if you handle SIGSEGV yourself (for e.g. user-level
virtual memory). And it appears to have a bug: if you try to write
into a buffer of zero bytes, it nevertheless null-terminates the
result.
So maybe there's still an excuse for not using snprintf(). :)
--
<kragen@pobox.com> Kragen Sitaker <http://www.pobox.com/~kragen/>
The Internet stock bubble didn't burst on 1999-11-08. Hurrah!
<URL:http://www.pobox.com/~kragen/bubble.html>
The power didn't go out on 2000-01-01 either. :)
