Re: buffer overflow in /bin/gzip?

To: debian-security@lists.debian.org
Subject: Re: buffer overflow in /bin/gzip?
From: Yotam Rubin <yotam@makif.omer.k12.il>
Date: Wed, 21 Nov 2001 01:13:52 +0200
Message-id: <20011121011352.A2132@yotam@makif.omer.k12.il>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 010B55064719D511AEBD00500488036212F40C@sekunda5.oslo.kvalito.no>
References: <[🔎] 010B55064719D511AEBD00500488036212F40C@sekunda5.oslo.kvalito.no>

On Tue, Nov 20, 2001 at 11:33:20PM +0100, Anders Gj?re wrote:
> in gzip.c
> 
> the line:
> 	strcpy(nbuf,dir);
> 
> should maybe be replaced with:
> 	strncpy(nbuf, dir,sizeof(nbuf));

The call to strcpy() may be replaced with a call to strncpy(), but there is
no problem in the call to strcpy(). Look at the line preceding the call to
strcpy(), it ensures that nbuf will not be overflowed.

	Regards, Yotam Rubin

> 
> --_
> anders gj?re
> system engineer
> +47 414 22 934 
> 
> 
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

References:
- buffer overflow in /bin/gzip?
  - From: Anders Gjære <Anders@oslo.kvalito.no>

Prev by Date: Re: buffer overflow in /bin/gzip?
Next by Date: Re: buffer overflow in /bin/gzip?
Previous by thread: Re: buffer overflow in /bin/gzip?
Next by thread: Re: WAY OT (Re: In Praise of Dos (RE: Mutt & tmp files))
Index(es):
- Date
- Thread