Re: mass bug filing for undefined sn?printf use

To: debian-devel <debian-devel@lists.debian.org>
Subject: Re: mass bug filing for undefined sn?printf use
From: Arthur de Jong <adejong@debian.org>
Date: Tue, 30 Dec 2008 10:06:41 +0100
Message-id: <[🔎] 1230628001.3936.2.camel@sorbet.thuis.net>
In-reply-to: <[🔎] 20081228180246.GA24765@dario.dodds.net>
References: <[🔎] 20081228084246.GE12532@outflux.net> <[🔎] 20081228180246.GA24765@dario.dodds.net>

On Sun, 2008-12-28 at 12:02 -0600, Steve Langasek wrote:
> I don't know whether these are also a problem in practice - but if so,
> using sprintf(buf + strlen(buf) [...]) is definitely wrong.

I don't know if any of my code uses such a construct but why is that
wrong as long as [...] doesn't contain buf? (assuming proper bound
checks are done and other parameters are sane)

Thanks.

-- 
-- arthur - adejong@debian.org - http://people.debian.org/~adejong --

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: mass bug filing for undefined sn?printf use
  - From: Steve Langasek <vorlon@debian.org>

References:
- mass bug filing for undefined sn?printf use
  - From: Kees Cook <kees@outflux.net>
- Re: mass bug filing for undefined sn?printf use
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: CVE-2008-5378: possible symlink attacks
Next by Date: Override changes standard -> optional
Previous by thread: Re: mass bug filing for undefined sn?printf use
Next by thread: Re: mass bug filing for undefined sn?printf use
Index(es):
- Date
- Thread