We are trying to study the buffer overflow attacks and their defenses, and
found that the same buffer overflow exploit works for vulnerable programs with
strcpy() does not work on gets(). We try to identify the reason and study the
source code. We can find strcpy() on glibc but cannot find gets() there.
Where can we find the dangerous gets() source code in gnu software package for
Linux distribution such as Redhat?
If this is not the right mail list to ask, please help direct us to the right
maillist or news group. Thanks.
Edward
Professor Edward Chow
[EMAIL PROTECTED]
University of Colorado at Colorado Springs
http://cs.uccs.edu/~chow
1420 Austin Bluffs Parkway
TEL: (719)262-3110
Colorado Springs, CO 80933-7150
FAX: (719)262-3369
_______________________________________________
help-gnu-utils mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnu-utils
