Hello, On Wed, 6 Jul 2005, Leonard den Ottolander wrote:
> > As this is clearly a buffer overflow, we should not use the function at > > all and document this somewhere. Maybe like that: > > > > #if 0 > > /* the glibc implementation of getgrouplist(3) has a > > * buffer overflow vulnerability, so we cannot use this function */ > > ... > > #endif > > What a curious suggestion. If we wouldn't use functions that might have > been poorly implemented in any version of any library mc uses there > wouldn't be many functions left to use after a while. If this is indeed > a glibc issue the user should patch his glibc. I second that. _______________________________________________ Mc-devel mailing list http://mail.gnome.org/mailman/listinfo/mc-devel