Subject: Re: ftpd: the advisory version
From: Dan Harkless (dan-bugtraqDILVISH.SPEED.NET)
Date: Tue Jun 27 2000 - 17:41:59 CDT


Sebastian <scutNB.IN-BERLIN.DE> writes:
> So please, use unsigned char pointers, buffers and casts. For example the
> proper code for the above function would be:
>
> void
> func_proper (unsigned char *domain)
> {
>         int len = domain[0];
>         unsigned char buff[64];
>
>         if (len >= 64)
>                 return;
>
>         strncpy (buff, &domain[1], len);
>         buff[63] = '\x00';
> }

Uh, no, the strncpy() prototype is:

    char *strncpy(char *dst, const char *src, size_t n);

len should be a size_t (which is typedef'd to be some kind of unsigned int),
which would avoid the problem (without having to mess with explicitly
unsigned chars, which will cause warnings on platforms where chars are
signed, for one thing).

----------------------------------------------------------------------
Dan Harkless | To prevent SPAM contamination, please
dan-bugtraqdilvish.speed.net | do not mention this private email
SpeedGate Communications, Inc. | address in Usenet posts. Thank you.
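
The signedness point argued in this thread, as an added example that is not code from either poster. It assumes the problem is a length byte read through a signed char pointer; the function names and the sample inputs are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUFSZ 64

/* signed char is spelled out so the result does not depend on whether
 * plain char is signed on the build platform. */

/* Length byte stored in an int: bytes 0x80..0xff become negative and
 * slip past "len >= 64". Returns 1 if the check lets the copy proceed. */
int accepts_int_len(const signed char *domain)
{
    int len = domain[0];
    return !(len >= BUFSZ);
}

/* Same read, but len is a size_t as the reply suggests: the negative
 * value converts to a huge unsigned number and the check rejects it. */
int accepts_size_t_len(const signed char *domain)
{
    size_t len = (size_t)domain[0];
    return !(len >= BUFSZ);
}

/* Bounded copy with a size_t length; returns bytes copied or -1.
 * memcpy is used here instead of strncpy (a substitution made for this example). */
int copy_label(const signed char *domain, char *out, size_t outsz)
{
    size_t len = (size_t)domain[0];
    if (len >= outsz)
        return -1;
    memcpy(out, domain + 1, len);
    out[len] = '\0';            /* terminate at len, not at a fixed index */
    return (int)len;
}

int main(void)
{
    /* Constructed inputs: a 3-byte label, and one with length byte 0x80. */
    const signed char ok[]  = { 3, 'f', 't', 'p' };
    const signed char bad[] = { -128, 'x' };
    char out[BUFSZ];

    printf("int len:    ok=%d bad=%d\n", accepts_int_len(ok), accepts_int_len(bad));
    printf("size_t len: ok=%d bad=%d\n", accepts_size_t_len(ok), accepts_size_t_len(bad));
    printf("copy_label: ok=%d bad=%d\n", copy_label(ok, out, sizeof out),
           copy_label(bad, out, sizeof out));
    return 0;
}
```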