Re: buffer overflow in /bin/gzip?

On Wed, Nov 21, 2001 at 12:47:49AM -0600, Bryan Andersen wrote: On thing I think is quite important is to get rid of calls to routines that it is possible to buffer overflow. OpenBSD has a feature in their version of gcc that will cause a compile time error message telling you when one

Re: buffer overflow in /bin/gzip?

On Wed, Nov 21, 2001 at 08:29:09AM +0100, Sebastian Rittau wrote: I hope strcpy() does not belong to this class. It's quite common to do something like this: int len = strlen(s); char *new = (char *) malloc(len + 1); strcpy(new, s); This is perfectly fine. Albeit silly; you mean

Re: buffer overflow in /bin/gzip?

Andrew Suffield [EMAIL PROTECTED] writes: Albeit silly; you mean strdup() Unless you're restricted to C89. -- Alan Shutko [EMAIL PROTECTED] - In a variety of flavors! Style may not be the answer, but at least it's a workable alternative. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with

Re: buffer overflow in /bin/gzip?

John Galt wrote: On Wed, 21 Nov 2001, Guillaume Morin wrote: Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges, therefore

Re: buffer overflow in /bin/gzip?

On Wed, Nov 21, 2001 at 12:47:49AM -0600, Bryan Andersen wrote: On thing I think is quite important is to get rid of calls to routines that it is possible to buffer overflow. OpenBSD has a feature in their version of gcc that will cause a compile time error message telling you when one of

Re: buffer overflow in /bin/gzip?

On Wed, Nov 21, 2001 at 08:29:09AM +0100, Sebastian Rittau wrote: I hope strcpy() does not belong to this class. It's quite common to do something like this: int len = strlen(s); char *new = (char *) malloc(len + 1); strcpy(new, s); This is perfectly fine. Albeit silly; you mean

Re: buffer overflow in /bin/gzip?

Andrew Suffield [EMAIL PROTECTED] writes: Albeit silly; you mean strdup() Unless you're restricted to C89. -- Alan Shutko [EMAIL PROTECTED] - In a variety of flavors! Style may not be the answer, but at least it's a workable alternative.

buffer overflow in /bin/gzip?

in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); --_ anders gjære system engineer +47 414 22 934 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: buffer overflow in /bin/gzip?

Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges, therefore this is not a security problem. -- Guillaume Morin [EMAIL PROTECTED]

Re: buffer overflow in /bin/gzip?

On Wed, 21 Nov 2001, Guillaume Morin wrote: Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges, therefore this is not a

Re: buffer overflow in /bin/gzip?

Previously Guillaume Morin wrote: gzip runs with user privileges, therefore this is not a security problem. But a fair amount of privileged programs do run gzip so it can be a security problem. Wichert. -- _ [EMAIL

Re: buffer overflow in /bin/gzip?

On Wed, 21 Nov 2001, Guillaume Morin wrote: Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges, therefore this is not a security

Re: buffer overflow in /bin/gzip?

John Galt wrote: On Wed, 21 Nov 2001, Guillaume Morin wrote: Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges,

buffer overflow in /bin/gzip?

in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); --_ anders gjære system engineer +47 414 22 934

Re: buffer overflow in /bin/gzip?

Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges, therefore this is not a security problem. -- Guillaume Morin [EMAIL PROTECTED]

Re: buffer overflow in /bin/gzip?

On Tue, Nov 20, 2001 at 11:33:20PM +0100, Anders Gj?re wrote: in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); The call to strcpy() may be replaced with a call to strncpy(), but there is no problem in the call to strcpy().

Re: buffer overflow in /bin/gzip?

On Wed, 21 Nov 2001, Guillaume Morin wrote: Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges, therefore this is not a

Re: buffer overflow in /bin/gzip?

Previously Guillaume Morin wrote: gzip runs with user privileges, therefore this is not a security problem. But a fair amount of privileged programs do run gzip so it can be a security problem. Wichert. -- _ /[EMAIL

Re: buffer overflow in /bin/gzip?

On Wed, 21 Nov 2001, Guillaume Morin wrote: Dans un message du 20 nov à 23:33, Anders Gjære écrivait : in gzip.c the line: strcpy(nbuf,dir); should maybe be replaced with: strncpy(nbuf, dir,sizeof(nbuf)); gzip runs with user privileges, therefore this is not a security