[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-bugs
Subject:    Re: overflows in back-passwd/search.c function pw2entry() (ITS#2046)
From:       Kurt () OpenLDAP ! org
Date:       2002-08-27 2:10:49
[Download RAW message or body]

Fixed in HEAD.

At 02:03 AM 2002-08-26, rhafer@suse.de wrote:
>Full_Name: Ralf Haferkamp
>Version: 2.0.X, HEAD
>OS: 
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (213.95.15.201)
>
>
>Overflows via sprintf() and strcpy()/strcat(). Could use snprintf(). Even if the
>input is from passwd-file it may overflow since some parts are usercontrolled
>(e.g. gecos).


[prev in list] [next in list] [prev in thread] [next in thread]