Re: buffer overflow in /bin/gzip?

To: Anders Gjære <Anders@oslo.kvalito.no>
Cc: debian-security@lists.debian.org
Subject: Re: buffer overflow in /bin/gzip?
From: Guillaume Morin <guillaume@morinfr.org>
Date: Wed, 21 Nov 2001 00:13:27 +0100
Message-id: <[🔎] 20011121001327.A9768@morinfr.org>
Mail-followup-to: Anders Gjære <Anders@oslo.kvalito.no>, debian-security@lists.debian.org
In-reply-to: <[🔎] 010B55064719D511AEBD00500488036212F40C@sekunda5.oslo.kvalito.no>
References: <[🔎] 010B55064719D511AEBD00500488036212F40C@sekunda5.oslo.kvalito.no>

Dans un message du 20 nov à 23:33, Anders Gjære écrivait :
>
> in gzip.c
> 
> the line:
> 	strcpy(nbuf,dir);
> 
> should maybe be replaced with:
> 	strncpy(nbuf, dir,sizeof(nbuf));

gzip runs with user privileges, therefore this is not a security
problem.

-- 
Guillaume Morin <guillaume@morinfr.org>

                  Batailler corps et âmes pour un maudit refus
                              (No one is innocent)

Reply to:

Follow-Ups:
- Re: buffer overflow in /bin/gzip?
  - From: Ben Leslie <benno@sesgroup.net>
- Re: buffer overflow in /bin/gzip?
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: buffer overflow in /bin/gzip?
  - From: John Galt <galt@inconnu.isu.edu>

References:
- buffer overflow in /bin/gzip?
  - From: Anders Gjære <Anders@oslo.kvalito.no>

Prev by Date: buffer overflow in /bin/gzip?
Next by Date: Re: buffer overflow in /bin/gzip?
Previous by thread: buffer overflow in /bin/gzip?
Next by thread: Re: buffer overflow in /bin/gzip?
Index(es):
- Date
- Thread