For those concerned about bloat, etc. on x86_64/MUSL, all of the changes add
about 500 bytes extra to the size of firewall’s executable.
> On May 27, 2020, at 1:59 PM, Philip Prindeville
> wrote:
>
> From: Philip Prindeville
>
> Make sure no buffer overruns present a vulnerability in the
From: Philip Prindeville
Make sure no buffer overruns present a vulnerability in the firewall.
Get rid of unsafe string functions: strcpy, strncpy, strcat, strncat,
sprintf, etc. Doing pointer arithmetic with the return value of
sprintf() is inherently unsound. Per the sprintf() man page:
So that I may craft the rewrite appropriately, it would help to know what your
objection to strlcpy() is.
Sent from my iPhone
> On May 14, 2020, at 7:24 PM, Philip Prindeville
> wrote:
>
> What should I use instead of strlcpy or strcpy?
>
> Sent from my iPhone
>
>> On May 14, 2020, at
What should I use instead of strlcpy or strcpy?
Sent from my iPhone
> On May 14, 2020, at 11:04 AM, Jo-Philipp Wich wrote:
>
> Hi,
>
> the sprintf() to snprintf() changes are fine to me. Please omit the
> conversions to strlcpy() and please don't use fmemopen().
>
> ~ Jo
>
>
Hi,
the sprintf() to snprintf() changes are fine to me. Please omit the
conversions to strlcpy() and please don't use fmemopen().
~ Jo
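The sprintf() to snprintf() conversion discussed in this thread only helps if the return value is checked before it is used as an offset. The following is an added example, not code from the patch or from the firewall source; `buf_appendf`, `build_rule` and the rule text are hypothetical names and constructed sample data.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: append formatted text at offset *off inside
 * buf[size]. Returns 0 on success, -1 on output error or truncation.
 * *off only advances when the whole string fit. */
static int buf_appendf(char *buf, size_t size, size_t *off, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (*off >= size)
        return -1;

    va_start(ap, fmt);
    n = vsnprintf(buf + *off, size - *off, fmt, ap);
    va_end(ap);

    /* n < 0 is an output error; n >= remaining space is the length the
     * call wanted to write, so "p += n" would step outside buf. */
    if (n < 0 || (size_t)n >= size - *off) {
        buf[*off] = '\0';   /* discard the partial write, stay terminated */
        return -1;
    }
    *off += (size_t)n;
    return 0;
}

/* Constructed sample: assemble a rule string piece by piece. */
static int build_rule(char *out, size_t size, const char *chain, const char *iface)
{
    size_t off = 0;

    if (buf_appendf(out, size, &off, "-A %s", chain) ||
        buf_appendf(out, size, &off, " -i %s", iface) ||
        buf_appendf(out, size, &off, " -j ACCEPT"))
        return -1;
    return (int)off;
}

int main(void)
{
    char small[24], big[64];

    printf("small: %d\n", build_rule(small, sizeof(small), "zone_lan_input", "br-lan"));
    printf("big:   %d \"%s\"\n", build_rule(big, sizeof(big), "zone_lan_input", "br-lan"), big);
    return 0;
}
```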
From: Philip Prindeville
Make sure no buffer overruns present a vulnerability in the firewall.
Get rid of unsafe string functions: strcpy, strncpy, strcat, strncat,
sprintf, etc. Doing pointer arithmetic with the return value of
sprintf() is inherently unsound. Per the sprintf() man page: