Bugtraq mailing list archives

Re: identd hole?

From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Tue, 16 Jul 1996 12:41:08 -0400

its possible that its an atoi() (or more properly strtol()) bug..
Most people run identd as root, this means that if someone happens to
overflow a buffer (which is easily done with atoi())


Um, how can you overflow a buffer with atoi() or strtol()?  Neither one
writes to any buffer anywhere; atoi() doesn't write anything but its
return value, and strtol() writes only the pointer and its return
value.

What am I missing?

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu
                    01 EE 31 F6 BB 0C 34 36  00 F3 7C 5A C1 A0 67 1D

Current thread:

Re: identd hole? Bugtraq Archiver (Jul 15)
- Re: identd hole? Henri Karrenbeld (Jul 16)
- <Possible follow-ups>
- Re: identd hole? Jeff Uphoff (Jul 16)
- Re: identd hole? Dave G. (Jul 16)
  - Re: [linux-security] Re: identd hole? lilo (Jul 18)
- Re: identd hole? der Mouse (Jul 16)
- Re: identd hole? Jacob Langseth (Jul 16)