From owner-freebsd-security Sat Feb 8 12:54:19 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA28530 for security-outgoing; Sat, 8 Feb 1997 12:54:19 -0800 (PST)
Received: from char-star.rdist.org (char-star.rdist.org [206.54.252.22]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id MAA28522 for ; Sat, 8 Feb 1997 12:54:16 -0800 (PST)
From: tqbf@enteract.com
Received: (qmail 3817 invoked by uid 1001); 8 Feb 1997 20:54:49 -0000
Date: 8 Feb 1997 20:54:49 -0000
Message-ID: <19970208205449.3816.qmail@char-star.rdist.org>
To: jkh@time.cdrom.com, freebsd-security@freebsd.org
Subject: Re: Don't fulminate, be productive (was Re: Karl fulminates, film at 11. == thanks)
In-Reply-To: <7610.855424259@time.cdrom.com>
Reply-To: tqbf@enteract.com
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In article <7610.855424259@time.cdrom.com>, you wrote:
>Actually, that's a good 50% of it. The other 50% is replacing
>strcpy()'s with strncpy()'s. :-)

Don't forget those strvis() overflows. That's at least 3% right there.

--
----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
exit(main(kfp->kargc, argv, environ));