[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] Security house-cleaning
|
From: |
Tim |
|
Subject: |
Re: [Qemu-devel] [PATCH] Security house-cleaning |
|
Date: |
Thu, 17 Jun 2004 21:13:29 -0700 |
|
User-agent: |
Mutt/1.5.6+20040523i |
> nooooope, strcpy has no way of knowing how big the buffer is other than
> what you tell it. It's likely that all (or most) of the buffers that are
> strcpy'd to are initialised to zero / .bss so it doesn't matter in
> reality, but better safe than sorry. What if some buffer is moved to
> stack later, that would expose the latent bug.
Oh... you are right. It only pads with nulls if the src string is
shorter than the length argument. I'll fix those and submit a new
version in a day or two.
thanks,
tim
- Re: [Qemu-devel] [PATCH] Security house-cleaning, (continued)
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Gianni Tedesco, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Renzo Davoli, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Panagiotis Issaris, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Sebastien Bechet, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Tim, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Sander Nagtegaal, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Gianni Tedesco, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Renzo Davoli, 2004/06/17
- Re: [Qemu-devel] [PATCH] Security house-cleaning, Tim, 2004/06/17