From owner-freebsd-questions  Wed Sep  6 11:06:28 1995
Return-Path: questions-owner
Received: (from majordom@localhost)
          by freefall.freebsd.org (8.6.11/8.6.6) id LAA18438
          for questions-outgoing; Wed, 6 Sep 1995 11:06:28 -0700
Received: from wptx01.physik.uni-wuerzburg.de (wptx01.physik.uni-wuerzburg.de [132.187.40.1])
          by freefall.freebsd.org (8.6.11/8.6.6) with ESMTP id LAA18081
          for <questions@freebsd.org>; Wed, 6 Sep 1995 11:04:00 -0700
Received: from wptx02.physik.uni-wuerzburg.de (wptx02.physik.uni-wuerzburg.de [132.187.40.2]) by wptx01.physik.uni-wuerzburg.de (8.6.10/8.6.10) with ESMTP id UAA25907 for <questions@freebsd.org>; Wed, 6 Sep 1995 20:02:05 +0200
Received: (from marc@localhost) by wptx02.physik.uni-wuerzburg.de (8.6.10/8.6.10) id UAA10110 for questions@freebsd.org; Wed, 6 Sep 1995 20:02:42 +0200
From: Marc Binderberger <marc@Physik.Uni-Wuerzburg.DE>
Message-Id: <199509061802.UAA10110@wptx02.physik.uni-wuerzburg.de>
Subject: FreeBSD != 4.4BSD ???
To: questions@freebsd.org
Date: Wed, 6 Sep 1995 20:02:42 +0200 (MESZ)
Reply-To: marc@Physik.Uni-Wuerzburg.DE (Marc Binderberger)
X-Mailer: ELM [version 2.4 PL24 ME7a]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1250      
Sender: questions-owner@freebsd.org
Precedence: bulk


Hello,

up to now I understood FreeBSD 2.x as an implementation of 4.4BSD (light)
on PC based hardware. Hmm... I'm irritated by the following article
Eric Allman wrote about the possibility to overload the internal
syslog buffer:

[Newsgroups: comp.mail.sendmail, Message-ID: <427sc8$4q6@agate.berkeley.edu>]
	[...]
  THE REAL PROBLEM IS NOT IN SENDMAIL AND IS ARGUABLY NOT IN SYSLOG.
  The real problem is in sprintf and vsprintf.  We learned way back
  with the Internet Worm that routines that write a buffer without
  taking a buffer size (in that case, gets) are a bad idea, but except
  for 4.4BSD, no one seems to have figured out that sprintf (and
  vsprintf) are included in this list.
	[...]

So I expected to have no such problems. But a look into the sources
(I'm using FreeBSD 2.1.0-950726-SNAP) and a small test program (just
logging 16k of `x' ... core!) tells me that I must have something
misunderstood. Seems that FreeBSD isn't produced totally out of the
4.4BSD Sources? Or do I over-interpret Eric's article?


Explanations? Comments?


Regards, Marc.
-- 
Marc Binderberger		          Institut fuer Theoretische Physik I
marc@Physik.Uni-Wuerzburg.DE	          Am Hubland, 97074 Wuerzburg, Germany
			sciene is mistake up to date