Date: Mon, 27 Nov 2000 12:45:05 -0800 From: Kris Kennaway <kris@FreeBSD.org> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> Cc: Kris Kennaway <kris@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/cron/cron cron.h Message-ID: <20001127124505.A65167@citusc17.usc.edu> In-Reply-To: <200011272018.MAA37340@gndrsh.dnsmgr.net>; from freebsd@gndrsh.dnsmgr.net on Mon, Nov 27, 2000 at 12:18:10PM -0800 References: <200011262221.OAA78674@freefall.freebsd.org> <200011272018.MAA37340@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--WIyZ46R2i8wDzkSu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 27, 2000 at 12:18:10PM -0800, Rodney W. Grimes wrote: > > kris 2000/11/26 14:21:40 PST > >=20 > > Modified files: > > usr.sbin/cron/cron cron.h=20 > > Log: > > Correct definition of MAXHOSTNAMELEN in ifdef'ed out code >=20 > I actaully was ignoring these until it hit me, your actually probably > breaking the purpose of these. Old systems that didn't have MAXHOSTNAMEL= EN > defined in system headers had a 64 byte length for this. I suspect if one > takes this code after your ``Correction'' and compiles it on one of these > systems a buffer overflow condition could easily be triggered. I'm making the buffers larger, not smaller. If ths code were to be compiled on a system which has the definition of MAXHOSTNAMELEN in a nonstandard place (so it isn't #included by the code) but it has a DNS resolver which is RFC-compliant and capable of returning hostnames up to 255 octets long, then there would be a buffer overflow when it tries to store the result in a 64-byte buffer. > I'd rather just see the ifdef'ed code removed so that the compile fails, > rather than the compile working and the code failing in strange ways at > run time. I thought about doing that, but it was easy to fix. Kris --WIyZ46R2i8wDzkSu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoix9EACgkQWry0BWjoQKVYMQCgiQZ5MAAefo11WeFxV8vPJDW/ ucYAn3rouzJyR1U7PsNKIq+s01GEJlO6 =C9BW -----END PGP SIGNATURE----- --WIyZ46R2i8wDzkSu-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001127124505.A65167>