Re: patch for qpopper remote exploit bug
der Mouse (mouse RODENTS.MONTREAL.QC.CA)
Tue, 30 Jun 1998 15:35:32 -0400
> Today, snprintf and vsnprintf are required. Without them, there's
> some code in the libraries which cannot be written safely.
> ie:
> gen/syslog.c: prlen = vsnprintf(p, tbuf_left, fmt_cpy, ap);
Actually, stuff like this can be done just fine with what NetBSD (and
OpenBSD, presumably) calls funopen() - you don't actually need {,v}snprintf.
Indeed, funopen() is a bit of a sledgehammer; all the rest of stdio
could be removed without losing any power (just convenience).
I actually prefer funopen() in most respects. In particular, it allows
things like printing into mallocked storage without having to impose a
length limit (which naive use of snprintf and strdup does).
stdio has desperately needed something like funopen() for a long time.
It was so egregiously missing that I hacked it into the 4.3 stdio back
when I was working with 4.3...I called it fopenfxn() and the interface
was a bit different, but it was basically the same idea.
der Mouse
mouse
rodents.montreal.qc.ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
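
What the message describes, printing into malloc'd storage with no length cap through a funopen() stream, as an added example that is not part of the original post. `struct membuf`, `membuf_append`, `membuf_wr`, `membuf_open` and `mprintf` are hypothetical names; on Linux, where libc has no funopen(), the block swaps in fopencookie(), the glibc/musl analogue.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* declares fopencookie() on older glibc */
#endif
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct membuf { char *data; size_t len, cap; };  /* growable, NUL-terminated */
/* Append n bytes, growing geometrically. Returns 0, or -1 on failure. */
static int membuf_append(struct membuf *m, const char *src, size_t n)
{
    if (n >= (size_t)-1 - m->len) return -1;    /* len + n + 1 would wrap */
    size_t need = m->len + n + 1;
    if (need > m->cap) {
        size_t cap = m->cap ? m->cap : 64;
        while (cap < need) cap = cap > (size_t)-1 / 2 ? need : cap * 2;
        char *p = realloc(m->data, cap);
        if (!p) return -1;                      /* old buffer stays valid */
        m->data = p; m->cap = cap;
    }
    memcpy(m->data + m->len, src, n);
    m->len += n;
    m->data[m->len] = '\0';
    return 0;
}
#ifdef __linux__  /* glibc/musl: fopencookie() is the funopen() analogue */
static ssize_t membuf_wr(void *c, const char *b, size_t n)
{ return membuf_append(c, b, n) ? 0 : (ssize_t)n; }   /* 0 signals error */
static FILE *membuf_open(struct membuf *m)
{ cookie_io_functions_t io = { .write = membuf_wr };
  return fopencookie(m, "w", io); }
#else             /* BSD: funopen(cookie, readfn, writefn, seekfn, closefn) */
static int membuf_wr(void *c, const char *b, int n)
{ return membuf_append(c, b, (size_t)n) ? -1 : n; }   /* -1 signals error */
static FILE *membuf_open(struct membuf *m)
{ return funopen(m, NULL, membuf_wr, NULL, NULL); }
#endif

/* printf into malloc'd storage with no length limit; caller frees. */
char *mprintf(const char *fmt, ...)
{
    struct membuf m = { NULL, 0, 0 };
    FILE *f = membuf_open(&m);
    if (!f) return NULL;
    va_list ap; va_start(ap, fmt);
    int rc = vfprintf(f, fmt, ap); va_end(ap);
    if (fclose(f) != 0 || rc < 0) { free(m.data); return NULL; }  /* flush failed */
    return m.data ? m.data : calloc(1, 1);      /* empty output: "" */
}
```

The result is sized by what the format actually produced, so there is no truncation case to handle, only allocation failure (a NULL return).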