Quoting Thomas Schuerger <[EMAIL PROTECTED]> from ml.softs.gtk-gnutella.devel:
:Just from a quick glance: The buffer overflow warning is issued in
:shell.c:821. It simply means that the line to read from the socket (to
:which you are connected using telnet) contains a line that is longer
:than the line buffer. It doesn't actually perform any operation that
:would write over the buffer's boundaries, because it detects if it
:would do so. So it's nothing to worry about (it cannot be exploited).
Correct. The message would better read if it had been spelled out as:
Buffer WOULD overflow.
Since we detect a would-be condition, not an after-the-fact condition.
(which would have said "buffer has overflown" or "buffer has overflowed").
Raphael
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Gtk-gnutella-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/gtk-gnutella-devel
