RE: security flaws in proftpd/wuftpd ?
>>>>> "BS" == Bryan Scaringe <Bryan.Scaringe@computer.org> writes:
BS> offtopic: One of the hols that was fixed a few weeks back stemmed
BS> from the fact that something like this happened:
BS> strncpy(acharbuffer, userinput, X) which supposedly led to a buffer
BS> overflow. Could someone explain how a buffer overflow could happen
BS> with strNcpy? I thought using strNcpy pretty much stopped buffer
BS> overflows cold.
I think a buffer overflow could happen if "acharbuffer" did not have enough
space for X. You could end up trying to copy more data from "userinput"
than there was space for in "acharbuffer" ie the size of acharbuffer < X.
--
Salman Ahmed
ssahmed AT interlog DOT com
Reply to: