[devel] IA: destination buffer overflow - ppp

[Kirill A. Shutemov]

On [Wed, 28.11.2007 12:35], Alexander Bokovoy wrote:
> Dmitriy Khanzhin п©п╦я┬п╣я┌:
> > Slava Semushin п©п╦я┬п╣я┌:
> >> 2007/11/27, Dmitry V. Levin <ldv на altlinux.org>:
> >>> On Tue, Nov 27, 2007 at 06:32:40PM +0300, Dmitriy Khanzhin wrote:
> >>> 
> >>>> -     strncat(ttyname, name, sizeof(ttyname));
> >> + strncat(ttyname, name, sizeof(ttyname)-1);
> >> 
> >>> п░п╡я┌п╬я─ я█я┌п╬пЁп╬ п╨п╬п╢п╟ п╫п╣ я│п©я─п╟п╡п╦п╩я│я▐ я│ я└я┐п╫п╨я├п╦п╣п╧ strncat. п≤я│п©я─п╟п╡п╩п╣п╫п╦п╣
> >>> я┌я─п╦п╡п╦п╟п╩я▄п╫п╬.
> >> п╓п╦п╨я│ п╢п╬п╩п╤п╣п╫ п╠я▀я┌я▄ я┌п╟п╨п╦п╪ (я│п╪. п╡я▀я┬п╣)? п≤п╩п╦ п╫п╣я┌?
> >> 
> > п▓п╬я┌ я┌п╟п╨ я│п╬п╠я─п╟п╩п╬я│я▄ п╠п╣п╥ warning'п╟ (п╟я┌я┌п╟я┤).
> п∙я┴п╣ п╠я▀ п╬п╫п╬ я─п╟п╠п╬я┌п╟п╩п╬. п▓я▀ п╤п╣ п©я─п╬я│я┌п╬ п©п╬п╡я┌п╬я─п╦п╩п╦ п╣я─я┐п╫п╢я┐ п╥п╟ п╟п╡я┌п╬я─п╟п╪п╦ я█я┌п╬пЁп╬
> п©п╩п╟пЁп╦п╫п╟. sizeof(ttyname), п╨п╟п╨ п╦ sizeof(name), я─п╟п╡п╫п╬я│п╦п╩я▄п╫я▀ sizeof(char *)
> п╦ я─п╟п╡п╫я▀ я─п╟п╥п╪п╣я─я┐ я┐п╨п╟п╥п╟я┌п╣п╩я▐, п╫п╬ п╫п╦п╨п╟п╨ п╫п╣ я─п╟п╥п╪п╣я─я┐ я│я┌я─п╬п╨п╦. п╒п╟п╪ п╫я┐п╤п╫п╬
> п╦я│п©п╬п╩я▄п╥п╬п╡п╟я┌я▄ strlen(ttyname).

п∙я│п╩п╦ ttyname п╬п╠я┼я▐п╡п╩п╣п╫ п╨п╟п╨
char ttyname[PATH_MAX];
я┌п╬ sizeof(ttyname) п╠я┐п╢п╣я┌ я─п╟п╡п╣п╫ PATH_MAX;

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + Velesys LLC, http://www.velesys.com/
 + ALT Linux Team, http://www.altlinux.com/
----------- следующая часть -----------
п▒я▀п╩п╬ я┐п╢п╟п╩п╣п╫п╬ п╡п╩п╬п╤п╣п╫п╦п╣ п╫п╣ п╡ я┌п╣п╨я│я┌п╬п╡п╬п╪ я└п╬я─п╪п╟я┌п╣...
п≤п╪я▐     : п╬я┌я│я┐я┌я│я┌п╡я┐п╣я┌
п╒п╦п©     : application/pgp-signature
п═п╟п╥п╪п╣я─  : 189 п╠п╟п╧я┌п╬п╡
п·п©п╦я│п╟п╫п╦п╣: Digital signature
Url     : http://lists.altlinux.org/pipermail/devel/attachments/20071128/35e87ead/attachment.bin