Re: lynx-dev Some more security issues in Lynx...
From: Wayne Buttles
Subject: Re: lynx-dev Some more security issues in Lynx...
Date: Fri, 30 Oct 1998 17:56:16 -0500 (EST)

What is snprintf?
I don't think it is on my older linux systems or my Borland compiler.
On Fri, 30 Oct 1998, brian j. pardy wrote:
> Some more possible problems we need to get taken care of...
>
> ----- Forwarded message from Alan Cox <address@hidden> -----
>
> From: address@hidden (Alan Cox)
> Subject: Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice)
> To: address@hidden
> Date: Fri, 30 Oct 1998 19:44:48 +0000 (GMT)
> In-Reply-To: <address@hidden> from "brian j. pardy" at Oct 28, 98 09:47:53 pm
> X-SBClass: OK
>
> > FWIW, from CHANGES (for 2.8.1rel.2, the most recent version):
> >
> > 1998-05-10 (2.8.1dev.10)
> > [...]
> > * fix for buffer-overrun in LYMail.c when processing a
> > mailto:very-log-address
> > URL - BL
> >
>
> I've got another patch brewing for you btw. There are a pile of other possible
> overrun cases that don't appear to be caught. I went through the code with
> some snprintf using macros to clean the ones I could see up. In particular
> lynx regularly does shell expansion of a buffer into a buffer of similar
> (not 5 times) the size.
>
> I notice you don't use snprintf - is that a Lynx policy decision?
>
> Alan
>
> ----- End forwarded message -----
>
> --
> GPG & PGP public keys: <URL:http://www.psnw.com/~posterkid/keys/>
> PGP fingerprint: 42 57 B3 D2 39 8E 74 C3 5E 4D AC 43 25 D2 26 D4
>
> unix soit qui mal y pense
>
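
Added example, not part of the original thread and not Lynx code: a bounded shell-quoting helper followed by an `snprintf` call that detects truncation, illustrating the overrun class discussed above (shell expansion into a buffer of similar size). The function names, the single-quote escaping scheme and the buffer sizes are assumptions; C99 `snprintf` semantics are assumed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: single-quote src for a POSIX shell.
 * Each ' becomes '\'' (4 bytes), so the worst case is
 * 4*strlen(src) + 2 quotes + NUL, far more than "similar size".
 * Returns the quoted length, or -1 if dst (dstsz bytes) is too small. */
int shell_quote(char *dst, size_t dstsz, const char *src)
{
    size_t o = 0;
    if (dstsz < 3)                        /* room for '' and NUL */
        return -1;
    dst[o++] = '\'';
    for (; *src; src++) {
        size_t need = (*src == '\'') ? 4 : 1;
        if (o + need + 2 > dstsz) {       /* +2: closing quote and NUL */
            dst[0] = '\0';                /* never leave a partial command */
            return -1;
        }
        if (*src == '\'') {
            memcpy(dst + o, "'\\''", 4);
            o += 4;
        } else {
            dst[o++] = *src;
        }
    }
    dst[o++] = '\'';
    dst[o] = '\0';
    return (int)o;
}

/* Build "<prog> <quoted arg>" in cmd. Returns 0 on success, -1 if the
 * result would not fit: snprintf returns the length it wanted to write,
 * so a value >= cmdsz means the output was truncated. */
int build_command(char *cmd, size_t cmdsz, const char *prog, const char *arg)
{
    char quoted[256];
    int n;
    if (shell_quote(quoted, sizeof quoted, arg) < 0)
        return -1;
    n = snprintf(cmd, cmdsz, "%s %s", prog, quoted);
    if (n < 0 || (size_t)n >= cmdsz) {
        if (cmdsz) cmd[0] = '\0';
        return -1;
    }
    return 0;
}
```

On a system without `snprintf`, the same length check has to be done by hand before any `sprintf` or `strcpy` into the destination.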