Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1998: Re: simple kde exploit fix

Re: simple kde exploit fix

Ton Hospel (thospelmail.dma.be)
Sun, 17 May 1998 23:09:19 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Robert Thomas: "Netscape Client DoS."
Previous message: Ton Hospel: "Re: simple kde exploit fix"
Maybe in reply to: David Zhao: "simple kde exploit fix"
Next in thread: Luca Berra: "Re: simple kde exploit fix"

In article <Pine.LNX.3.96.980517144346.10501A-100000lurk.kellogg.nwu.edu>,
        David Zhao <dzhaoLURK.KELLOGG.NWU.EDU> writes:
> in kdebase/kscreensaver/kscreensave.cpp:
>
> change:
> line 18:        strcpy( buffer, getenv("HOME") );
>                 to
>                 strncpy( buffer, getenv("HOME"), 256);
>
Why do people like strncpy so much ? It sucks almost as badly as strcpy.

strncpy has two drawbacks:
   - it always fills the buffer with nulls, which is a waste of time
   - It does NOT null terminate a string that's too long
Also, getenv returns NULL if an environment variable does not exist,
and not all OS's will check NULL access, so you can pick up garbage
from adres 0 in your computer.

Better fixing style:

   char *env;
   int   len;

   env = getenv("HOME");
   if (env) {
      len = strlen(env);
      if (len >= BUFLEN) len = BUFLEN-1;
      memcpy(buffer, env, len);
      env[len] = 0;
   } else do_something_intelligent();

Next message: Robert Thomas: "Netscape Client DoS."
Previous message: Ton Hospel: "Re: simple kde exploit fix"
Maybe in reply to: David Zhao: "simple kde exploit fix"
Next in thread: Luca Berra: "Re: simple kde exploit fix"