Pekka Savola writes:
>
> if the read data is too long, sscanf will read 16 bytes and append a
> terminating NULL, causing 1 byte of corrupted memory.
I've checked in a slightly different fix for this problem. Note that it
only occurs in the notoriously buggy PRESERVE_PERMISSIONS_SUPPORT code
that is disabled by default. Use it only at your own risk.
> For what it's worth, not using buffer boundary checks (sprintf, strcat,
> strcpy etc. instead of snprintf etc.) in the code is way bound for
> disaster sooner or later. If architectures lacking these are supported,
> I'd probably add a support library consisting of these functions as e.g.
> OpenSSH does.
Most of the code uses dynamic allocation to ensure that the buffer is
large enough. Using snprintf, particularly a third-party version, would
likely hurt performance for no real benefit.
-Larry Jones
These things just seem to happen. -- Calvin
_______________________________________________
Bug-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/bug-cvs
