Date: Sat, 8 Feb 1997 09:34:21 +1100 From: Bruce Evans <bde@zeta.org.au> To: freebsd-current@freebsd.org, imp@village.org Subject: Re: CERT Advisory CA-97.06 - Vulnerability in rlogin/term (fwd) Message-ID: <199702072234.JAA19754@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>: FreeBSD, Inc. >: ============= >: This vulnerability is present in FreeBSD 2.1.5 and previous >: versions. It was fixed in all FreeBSD source and >: binary distributions dated after 1996/07/25. >... >: ! term[MAX_TERM_LENGTH] = '\0'; >... > >Shouldn't that be MAX_TERM_LENGTH-1? No. MAX_TERM_LENGTH really is the maximum string length, so it doesn't count the nul terminator. Anyway, N-1 should be N - 1 :-). Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702072234.JAA19754>