From owner-freebsd-audit Wed Jan 31 11:30:31 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id DD4C837B491 for ; Wed, 31 Jan 2001 11:30:12 -0800 (PST)
Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id f0VJUAu461300; Wed, 31 Jan 2001 14:30:10 -0500 (EST)
Received: from enterprise.muriel.penguinpowered.com ([198.82.100.151]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G81000H6KU9TU@gkar.cc.vt.edu>; Wed, 31 Jan 2001 14:30:09 -0500 (EST)
Date: Wed, 31 Jan 2001 14:30:09 -0500 (EST)
From: Mike Heffner
Subject: RE: [UPDATED] Re: patch for libc/net/hesiod.c
In-reply-to: <20010131081659.C4720@hamlet.nectar.com>
To: "Jacques A. Vidrine"
Cc: FreeBSD-audit
Message-id:
MIME-version: 1.0
X-Mailer: XFMail 1.4.6-3 on FreeBSD
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 8bit
X-Priority: 3 (Normal)
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On 31-Jan-2001 Jacques A. Vidrine wrote:
| This is the patch I think should be applied. Comments?
|

Yes, this looks better and protects against truncation. I hadn't noticed the
pre-existing length checks before the strcat()'s. I'll forward your patch to
the address you mentioned in case they can use it.

| Thanks, Mike, for checking this stuff out!

No problem, thanks for reviewing! :)

|
| diff -u -r1.3 hesiod.c | --- hesiod.c 2000/09/30 17:29:54 1.3 | +++ hesiod.c 2001/01/31 14:16:06 |
@@ -162,7 +162,10 @@ | const char *rhs; | int len; | | - strcpy(bindname, name); | + if (strlcpy(bindname, name, sizeof(bindname)) >= sizeof(bindname)) { | + errno = EMSGSIZE; | + return NULL; | + } | | /* | * Find the right right hand side to use, possibly | | Cheers, | -- | Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org -- Mike Heffner Blacksburg, VA ICQ# 882073 http://filebox.vt.edu/users/mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
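
Review bot: In the added strlcpy() check that replaces strcpy(bindname, name), sizeof(bindname) is only the buffer size if bindname is declared as an array in this function; the declaration is outside the visible context, so please confirm it is not a pointer, since the bound would then be the pointer size and the truncation test would fire on short names. The >= comparison itself is the right truncation test for strlcpy(). The new early return also changes the function's contract: an over-long name now yields NULL with errno set to EMSGSIZE, which should be noted in the function's comment or man page so callers know to check for it, and the file needs <errno.h> included if it is not already.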