SecFix for databases/firebird, please review
Alexander at Leidinger.net
Thu Aug 28 11:50:52 PDT 2003
On Wed, 27 Aug 2003 08:33:43 -0700
Joshua Oreman <oremanj at get-linux.org> wrote:
> > > You also still don't add:
> > >
> > > buf[sizeof(buf) - 1] = '\0';
> > >
> > > after all strncat(3)s.
> > Hmmm... yes, I see the problem...
> >From strncat(3):
> char* strncat (char * restrict s, const char * restrict append, size_t count);
> [ ... ]
> The strncat function appends not more than count characters from
> append, and then adds a terminating `\0'.
> (emphasis added) ^^^^^^^^^^^^^^^^^^^^^^^
> So here there really isn't a problem.
Are you sure?
Lets see (pseudocode):
strncat(target, source, 5);
What's the result (just by looking at the man-page):
Now, write a program which verifies your assumption.
The best things in life are free, but the
expensive ones are still worth a look.
http://www.Leidinger.net Alexander @ Leidinger.net
GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7
More information about the freebsd-questions