[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-inetutils] [PATCH] fix buffer overflow in ftp

From: Robert Millan
Subject: [bug-inetutils] [PATCH] fix buffer overflow in ftp
Date: Tue, 4 Nov 2003 12:09:55 +0100
User-agent: Mutt/1.5.4i


John Hasler <address@hidden> sent me a patch for the buffer overflow
problem in ftp I reported some time ago:


John said:
> The bug is due to the failure to check the length of the string returned by
> readline(): it eventually gets copied into the 200 byte buffer argbuf.  The
> non-readline code looks ok.  A patch is attached.

His patch is attached. A better solution would probably be to handle it
dynamicaly, but this patch should solve the problem for now.

Please keep the CC on both John and Debian BTS for your response.

Robert Millan

"[..] but the delight and pride of Aule is in the deed of making, and in the
thing made, and neither in possession nor in his own mastery; wherefore he
gives and hoards not, and is free from care, passing ever on to some new work."

 -- J.R.R.T, Ainulindale (Silmarillion)

Attachment: patch.diff
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]