Date: Wed, 07 Feb 2001 18:00:49 -0500 (EST) From: Mike Heffner <mheffner@vt.edu> To: Mike Heffner <mheffner@vt.edu> Cc: FreeBSD-audit <FreeBSD-audit@freebsd.org> Subject: RE: lam(1) patch Message-ID: <XFMail.20010207180049.mheffner@vt.edu> In-Reply-To: <XFMail.20010126005836.mheffner@vt.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 26-Jan-2001 Mike Heffner wrote: | | The following patch fixes the following: | | - sprintf() -> snprintf() | - manual (unbounded) while() loop string copying -> strlcpy() | - use tolower() rather than bit or'ing | - sanity check the user specified printf() format | - prevent walking off end of inputfile array | - some other string bounds issues | | Reviews please? | | | Also available from: | http://filebox.vt.edu/users/mheffner/patches/lam.patch Any objections to me committing this? Also, should I follow it up with a de-__P() patch? -- Mike Heffner <mheffner@vt.edu> Blacksburg, VA <mikeh@FreeBSD.org> http://filebox.vt.edu/users/mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.20010207180049.mheffner>