httpd-dev mailing list archives

From Jim Jagielski <...@jaguNET.com>
Subject Re: [linux-security] so-called snprintf() in db-1.85.4 (fwd)
Date Fri, 11 Jul 1997 01:57:35 GMT
Brian Behlendorf wrote:
> 
> 
> I just want to say thank you to marc for giving us a real snprintf.  look
> what kind of press we could have garnered with a bogus one. :)
> 

Not to be snippy, but I did the snprintf() stuff, not Marc, basically porting
it over from xinetd. Marc did the legwork in changing our sprintf()s
to snprintf()s and that neat tester.


> 	Brian
> 
> >Approved-By: aleph1@UNDERGROUND.ORG
> >X-Mailer: ELM [version 2.4 PL25]
> >Date: 	Thu, 10 Jul 1997 04:46:09 -0500
> >Reply-To: Joe Zbiciak <jzbiciak@DALDD.SC.TI.COM>
> >Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
> >From: Joe Zbiciak <jzbiciak@DALDD.SC.TI.COM>
> >Subject:      Re: [linux-security] so-called snprintf() in db-1.85.4 (fwd)
> >X-To:         aleph1@DFW.NET
> >To: BUGTRAQ@NETSPACE.ORG
> >
> >'Aleph One' said previously:
> >|
> >| Hi,
> >|
> >| There is a severe problem with the db-1.85.4 library's Linux
> >| port that can be found on sunsite.unc.edu under
> >| /pub/Linux/libs/db-1.85.4-src.tar.gz (sp?): This library
> >| contains a "snprintf" function which breaks down to a common
> >| sprintf, ignoring the size parameter. [...]
> >
> >The old Linux libbsd (whose source is included in a subdirectory
> >of the libc source) had such an snprintf as well.  I would imagine
> >anybody linking against an old libbsd would have this same
> >problem.
> >
> >To quote the source file:
> >
> >/* snprintf.c - emulate BSD snprintf with sprintf - rick sladkey */
> >
> >#include <stdio.h>
> >#include <stdarg.h>
> >
> >int snprintf(char *s, int len, char *format, ...)
> >{
> >        You are trying to do something very wrong.
> >        Don't use this source if you want to stay alive!
> >
> >        va_list args;
> >        int result;
> >
> >        va_start(args, format);
> >        result = vsprintf(s, format, args);
> >        va_end(args);
> >        return result;
> >}
> >
> >
> >Somebody obviously had enough of a sense of humor to place the
> >(non-comment-enclosed) statement in this version.  Apparently, once
> >upon a time that was an active part of the library.  (*shudder*)
> >
> >
> >Regards,
> >
> >--Joe
> >
> >--
> > +--------------Joseph Zbiciak--------------+
> > |- - - - jzbiciak@daldd.sc.ti.com - - - - -|
> > | - - http://www.primenet.com/~im14u2c - - |      Not your average "Joe."
> > |- - - - Texas Instruments,  Dallas - - - -|
> > +-------#include <std_disclaimer.h>--------+
> >
> --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
> "Why not?" - TL           brian@organic.com - hyperreal.org - apache.org
> 


-- 
====================================================================
      Jim Jagielski            |       jaguNET Access Services
     jim@jaguNET.com           |       http://www.jaguNET.com/
            "Look at me! I'm wearing a cardboard belt!"
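The defect in the quoted emulation is that it never consults `len`. Below, as an added example (not code from this thread, from xinetd, or from Apache), is a small check in the spirit of the tester mentioned above: it fills a buffer with canary bytes, calls a candidate implementation with a size limit smaller than the buffer, and reports whether anything past the limit was touched. `bogus_snprintf`, `fixed_snprintf` and `snprintf_honors_size` are names chosen for this example, and the size parameter is `size_t` rather than the quoted `int len` so the system `snprintf` can be passed to the probe as well.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Common signature for the candidates under test. */
typedef int (*snprintf_fn)(char *, size_t, const char *, ...);

/* Constructed stand-in for the quoted emulation: hands everything to
 * vsprintf and never looks at len. Not the library's own code. */
static int bogus_snprintf(char *s, size_t len, const char *format, ...)
{
    va_list args;
    int result;
    (void)len;                              /* the whole defect, in one line */
    va_start(args, format);
    result = vsprintf(s, format, args);
    va_end(args);
    return result;
}

/* A bounded emulation built on vsnprintf, for comparison. */
static int fixed_snprintf(char *s, size_t len, const char *format, ...)
{
    va_list args;
    int result;
    va_start(args, format);
    result = vsnprintf(s, len, format, args);
    va_end(args);
    return result;
}

/* Probe whether fn honours its size argument. The buffer is deliberately
 * larger than the limit passed, so an unbounded write lands in our own
 * canary bytes, where it can be inspected, rather than in someone else's
 * memory. Returns 1 for a real snprintf, 0 for a sprintf in disguise. */
static int snprintf_honors_size(snprintf_fn fn)
{
    enum { LIMIT = 8, TOTAL = 64 };
    char buf[TOTAL];
    const char *src = "0123456789abcdef";   /* 16 chars, longer than LIMIT */
    int ret, i;

    memset(buf, 0xAA, sizeof buf);          /* canary fill */
    ret = fn(buf, LIMIT, "%s", src);
    for (i = LIMIT; i < TOTAL; i++)         /* nothing past LIMIT may change */
        if ((unsigned char)buf[i] != 0xAA)
            return 0;
    if (memchr(buf, '\0', LIMIT) == NULL)   /* must be NUL-terminated in LIMIT */
        return 0;
    /* C99 semantics: truncated text, return value = length it would need. */
    return strcmp(buf, "0123456") == 0 && ret == (int)strlen(src);
}
```

Passing the system `snprintf` itself to `snprintf_honors_size` is the quick way to find out whether the libc or libbsd you are linked against has the problem Aleph One describes.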
