[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Password checking API
From: Stephan Kulow <coolo () kde ! org>
Date: 2001-10-02 21:56:24
[Download RAW message or body]
On Tuesday 02 October 2001 23:24, Rik Hemsley wrote:
> #if Stephan Kulow
>
> > > It contains a buffer overrun. You say char username[128] and then do
> > > username[128] = '\000'; That's off by one, username[127] is the last
> > > element.
> >
> > Not in the patch I looked at
>
> + char *login, passbuffer[1024], *passwd,*ca,username[128];
>
> ..
>
> + username[128] = '\000';
>
I guess so. But for me cvs diff -r1.19 -r1.20 kcheckpass.c only outputs
+...127
Greetings, Stephan
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic