On Wednesday, August 20 2014, Hádrian R wrote:
Hi, I'm Kaiwaiata, since more than 2h searching and finding various
possible vulnerabilities in source code of GDB..
I will tell you one vulnerability now, if they treat me well I will tell
the other..
Hello Kaiwaiata,
Thanks for the message. However, this list is not used by GDB folks
anymore. I recommend you to post your message on g...@sourceware.org.
unsafe use of *strcpy()* in *int net_open (.. ..){**:*
*gdb-7.8.tar\gdb\ser-tcp.c:*
*line 187: *strncpy (hostname, name, tmp);
*line 187: *strcpy (hostname, localhost);
You could even post a patch fixing this, if you want. To do that, send
the patch to gdb-patc...@sourceware.org.
Thanks,
--
Sergio
GPG key ID: 0x65FC5E36
Please send encrypted e-mail if possible
http://sergiodj.net/
___
bug-gdb mailing list
bug-gdb@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-gdb