Date: Fri, 10 Aug 2001 17:40:50 +0300 From: Ruslan Ermilov <ru@FreeBSD.ORG> To: Mark Murray <mark@grondar.za> Cc: Mike Barcroft <mike@FreeBSD.ORG>, audit@FreeBSD.ORG Subject: Re: login(1) changes Message-ID: <20010810174050.C60193@sunbay.com> In-Reply-To: <200108091009.f79A9dW00872@grimreaper.grondar.za>; from mark@grondar.za on Thu, Aug 09, 2001 at 11:09:39AM %2B0100 References: <20010809010358.A18538@coffee.q9media.com> <200108091009.f79A9dW00872@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 09, 2001 at 11:09:39AM +0100, Mark Murray wrote: > > ---------------------------------------------------------------------- > > > > login.20010808-rev2.patch > > > > o Replace occurrences of strncpy(3) with strlcpy(3); most of > > the uses of it were wrong anyway. > > o Always check for NULL returns on strdup(3). > > o Fix a possible buffer overflow in strcpy(3). > > o Fix a format string vulnerability. > > o t->ty_type in stypeof() could be NULL and eventually cause > > a segmentation fault in setenv(3), so check for that. > > > > Index: login/login.c > > I have not run this, but looking over it, it all looks pretty sane. > > Personally, I'd also push for a s/(void)foo()/foo()/, > s/foo __P((X))/foo(X)/ and ansification, but this is OK. > Please don't mix functional and style changes. These last two are style changes only, while all of the above are functional changes. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010810174050.C60193>