Date: Thu, 19 Oct 1995 20:31:11 -0700 From: David Greenman <davidg@Root.COM> To: Nate Lawson <nate@elite.net> Cc: security@freebsd.org Subject: Re: statustatus of syslog patch? Message-ID: <199510200331.UAA02698@corbin.Root.COM> In-Reply-To: Your message of "Thu, 19 Oct 95 20:07:34 PDT." <199510200307.UAA15977@elite.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>What is the status of the patch for the buffer overflow in syslog()? >I checked FreeBSD-current as of 10/19 and the sccs id still says: >"@(#)syslog.c 8.4 (Berkeley) 3/18/94" It'll say that until the end of time...that's Berkeley's ID. Our ID's are in the form of "$Id: <blah blah> $"...we use cvs/RCS (not SCCS). Not all of our source files have $Id$'s in them; we haven't gotten around to adding them yet. >Does anyone plan to integrate it into the source tree? If not, can someone >please send me a copy of syslog.c that safely and intelligently uses >snprintf to limit buffer overflows? It has already been integrated. -DG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199510200331.UAA02698>