[15719] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ftpd and setproctitle()

daemon@ATHENA.MIT.EDU (Firstname Lastname)
Mon Jul 10 15:55:47 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID:  <20000710104106.A6868@boehm.org>
Date:         Mon, 10 Jul 2000 10:41:07 +0200
Reply-To: typo@SCENE.AT
From: Firstname Lastname <typo@SCENE.AT>
X-To:         Bernd Luevelsmeyer <bernd.luevelsmeyer@HEITEC.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <39665EB5.CBD86561@heitec.net>

On Sat, Jul 08, 2000 at 12:50:29AM +0200, Bernd Luevelsmeyer wrote:
> For this class of bugs, shouldn't it be possible to modify the compiler
> so it will flag any occurrence of a non-constant format string in
> printf()-like functions?

i've already mailed my patch to the security audit list >7 days ago...
http://inferno.tusculum.edu/~typo/tesogcc.tgz

sorry for the deficient README...

    typo

--
so much entropy, so little time


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[15719] in bugtraq

Re: ftpd and setproctitle()

daemon@ATHENA.MIT.EDU (Firstname Lastname)Mon Jul 10 15:55:47 2000

daemon@ATHENA.MIT.EDU (Firstname Lastname)
Mon Jul 10 15:55:47 2000