Bugtraq mailing list archives

Re: QPOPPER problem.... ONE crude patch...

From: ryde () TRIPNET SE (Daniel Ryde)
Date: Sat, 27 Jun 1998 18:31:05 +0200


On Sat, 27 Jun 1998, Tom Brown wrote:

        vsnprintf(mp,sizeof(message)-(mp - message)-3,format,ap);


Dangerous, if the string is truncated it will skip the null termination,
then later the strcat might fail miserably (unless all arcitectures makes
for sure that, when allocated, the string is filled with null, which I
really doubt). Another note is the next lines of sprintf (architectures
that dont have vsprintf) that will have the same problem as vsprintf.
Change these to snprintf in a similar way, and add a null to the end.


Best Regards

Daniel Ryde, System Administrator
__________________________________________________________________________
Tripnet AB                Visit Address:      Telephone:  +46 31 7252500
Box 5071                  Avagen 42           Facsimile:  +46 31 7252501
S-402 22 GOTEBORG         GOTEBORG            Email:      ryde () tripnet se
Sweden                    Sweden

Current thread:

!!! FLASH TRAFFIC !!! QPOPPER REMOTE ROOT EXPLOIT Seth McGann (Jun 26)
- Re: !!! FLASH TRAFFIC !!! QPOPPER REMOTE ROOT EXPLOIT Theo de Raadt (Jun 27)
- patch for qpopper remote exploit bug Roy Hooper (Jun 27)
  - Re: patch for qpopper remote exploit bug Andres Kroonmaa (Jun 27)
    - Re: patch for qpopper remote exploit bug Theo de Raadt (Jun 27)
    - Re: patch for qpopper remote exploit bug Jon Lusky (Jun 27)
    - Re: patch for qpopper remote exploit bug Benjamin J Stassart (Jun 27)
    - Users can view script source from Win WebServers Aleph One (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Tom Brown (Jun 27)
  - Re: QPOPPER problem.... ONE crude patch... Daniel Ryde (Jun 27)
    - Re: QPOPPER problem.... ONE crude patch... Marco S Hyman (Jun 27)
  - Re: QPOPPER problem.... Jason Ackley (Jun 27)
    - Re: QPOPPER problem.... Bruno Lopes F. Cabral (Jun 27)
    - patch: qpopper (plugs another hole too) Miquel van Smoorenburg (Jun 27)
    - Re: QPOPPER problem.... Marco S Hyman (Jun 27)
    - Re: QPOPPER problem.... Bruno Lopes F. Cabral (Jun 27)
    - More patch ideas for qpopper Aaron D. Gifford (Jun 27)
    - Re: QPOPPER problem.... Jeff Haas (Jun 27)
  - Re: QPOPPER problem.... ONE crude patch... Yiorgos Adamopoulos (Jun 27)
    - Re: QPOPPER problem.... ONE crude patch... Juan Diego Bolanhos Ramirez (Jun 27)

(Thread continues...)