On Fri, 6 Apr 2001, Erik Fichtner wrote: > + /* avoid buffer overflow */ > + if (tp > buf + sizeof(buf)) >return(0); > + } There is an off-by-one error here. The above conditional should read as follows: if (tp >= buf + sizeof(buf)) return(0); -- + Maciej W. Rozycki, Technical University of Gdansk, Poland + +--------------------------------------------------------------+ + e-mail: [EMAIL PROTECTED], PGP key available +
- Re: ntpd =< 4.0.99k remote buffer overflow Stephen Clouse
- Re: ntpd =< 4.0.99k remote buffer overflow Dick St.Peters
- Re: ntpd =< 4.0.99k remote buffer overflow Przemyslaw Frasunek
- Re: ntpd =< 4.0.99k remote buffer overflow Stephen Clouse
- Re: ntpd =< 4.0.99k remote buffer overflow Rex Sanders
- Re: ntpd =< 4.0.99k remote buffer overflow Viraj Alankar
- ntpd - new Debian 2.2 (potato) version is also vu... Daniel Kiper
- Re: ntpd =< 4.0.99k remote buffer overflow Ogle Ron (Rennes)
- Re: ntpd =< 4.0.99k remote buffer overflow Erik Fichtner
- Re: ntpd =< 4.0.99k remote buffer overflow Erik Fichtner
- Re: ntpd =< 4.0.99k remote buffer overflow Maciej W. Rozycki
- Re: ntpd =< 4.0.99k remote buffer overflow Chris Faulhaber
- Re: ntpd =< 4.0.99k remote buffer overflow Durval Menezes
- Re: ntpd =< 4.0.99k remote buffer overflow Erik Fichtner
- Re: ntpd =< 4.0.99k remote buffer overflow Durval Menezes
- Re: ntpd =< 4.0.99k remote buffer over... Crist Clark
- Re: ntpd =< 4.0.99k remote buffer over... Erik Fichtner
- Re: ntpd =< 4.0.99k remote buffer overflow Valdis Kletnieks
- Re: ntpd =< 4.0.99k remote buffer overflow Buhrmaster, Gary
- Re: ntpd =< 4.0.99k remote buffer overflow William W. Arnold
