On Mon, 22 Nov 1999, T.E.Dickey wrote: > > Actually, I forgot about the third nasty he finds, buffer overruns: > > there's fewer of them now, but probably impossible to remove all (if we > can reproduce this one, we'll remove it). HTTP.c: char line[INIT_LINE_SIZE]; Used with unchecked sprintf / strcpy / strcat. Of course normally the data it operates on comes from local configuration not from the network, so there won't be any strings that overflow the buffer (unless you ask for it). Klaus
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing prot... T.E.Dickey
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing... Klaus Weide
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoo... Leonid Pauzner
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing prot... T.E.Dickey
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing... Philip Webb
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing... Klaus Weide
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoo... Natasha Live
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... Philip Webb
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-... Klaus Weide
- Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing prot... T.E.Dickey
- Klaus Weide
