SecFix for databases/firebird, please review
Pawel Jakub Dawidek
nick at garage.freebsd.pl
Wed Aug 27 01:09:13 PDT 2003
On Mon, Aug 18, 2003 at 11:59:28AM +0200, Alexander Leidinger wrote:
+> Thanks for the review. I've updated
+> http://www.leidinger.net/FreeBSD/firebird-1.0.2-secfix.tar.bz2 (modulo
+> Chris' work in progress). I'm looking forward to the next round. :-)
IMHO there are still problems with strncat(3).
If you use something like that:
strncat(buf, string, sizeof(buf) - 1);
why not just use:
strncpy(buf, string, sizeof(buf) - 1);
because correct form is:
strncat(buf, string, sizeof(buf) - strlen(buf) - 1);
There is also syntax error here:
strncat (ib_prefix_msg_val, MAXPATHLEN, ib_prefix_msg);
You also still don't add:
buf[sizeof(buf) - 1] = '\0';
after all strncat(3)s.
This was in first patch:)
IMHO if you want to keep portability, just add some BSD-licensed strlcat(3)
and strlcpy(3) implementations to firebird's code and use it, because
strncat(3) is really fucked up.
--
Pawel Jakub Dawidek pawel at dawidek.net
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-audit/attachments/20030827/9536b096/attachment.bin
More information about the freebsd-audit
mailing list