Hi Andreas, * Andreas Tille <[EMAIL PROTECTED]> [2008-09-05 17:59]: > On Fri, 5 Sep 2008, Nico Golde wrote: > > >As far as I know this was part of the patch by oCert. > > Well, who actually is oCert, i.e. how can I report problems with > their patches?
http://www.ocert.org/advisories/ocert-2008-014.html https://www.ocert.org/contact_info.html has some contact information. > >However its not a security fix but just a cleanup as both > >function calls are equal. > > Well, apparently they are not. If you include the patch wordnet > fails displaying synonyms. I have no idea why. And while I'm > no security expert I prefer strncpy - OK I admit strlen seeks > for a '\0' and thus it might look equal at first view, but feel > free to try the difference with and without this part of the > patch (check out from SVN might help you seeing the difference). Sorry I have no time to dig into this further as I'm moving to a new house on monday :) Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpGNEklX0Cbi.pgp
Description: PGP signature