Bugtraq mailing list archives
Re: WuFTPD: Providing *remote* root since at least1994
From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Mon, 26 Jun 2000 16:01:43 -0400
snprintf() doesn't null terminate. Then IMO it's broken [...] There was quite a bit of discussion about [this] [...] You need to do a mystring[sizeof(mystring)-1]='\0' after the call to be on the safe side.
As I remarked to someone else privately (that message wasn't sent to bugtraq), there comes a point where you have to say "your system's version of foo() is so broken I'm not going to try to work around its bugs". And - IMO, of course - an snprintf that doesn't NUL-terminate is past that point.
I also _think_ I remember posts saying that ANSI C doesn't require snprintf() to null terminate. (Don't quote me on that though)
Well, IIRC snprintf() isn't specified by ANSI C at all, which would make this technically true but rather misleading. Of course, it's been a while since I made any effort to bring my knowledge of ANSI/ISO C up to current, so this could well have changed. Regardless of what ANSI may say, though, I still consider it a serious bug for snprintf() to fail to NUL-terminate, except when the size parameter is zero.
der Mouse
mouse () rodents montreal qc ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
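The workaround quoted in the message, as an added example that is not part of the original post or of any code from the thread: a wrapper that forces the terminator, reports truncation, and refuses a zero-size buffer. The names `checked_format`, `nonterminating_vsnprintf` and the `FMT_*` codes are hypothetical, and the non-terminating formatter is a constructed stand-in for the library behaviour being criticised.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

enum { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_ERROR = -1 };
typedef int (*vfmt_fn)(char *, size_t, const char *, va_list);

/* Constructed stand-in for the behaviour the thread complains about:
 * on overflow it fills all `size` bytes, writes no NUL, and returns -1. */
int nonterminating_vsnprintf(char *dst, size_t size, const char *fmt, va_list ap)
{
    char tmp[256];
    int n = vsnprintf(tmp, sizeof tmp, fmt, ap);
    if (size > sizeof tmp)
        size = sizeof tmp;             /* never read past tmp */
    if (n < 0)
        return -1;
    if ((size_t)n < size) {
        memcpy(dst, tmp, (size_t)n + 1);
        return n;
    }
    memcpy(dst, tmp, size);            /* buffer full, no terminator */
    return -1;
}

/* Format through `vf`, then apply the workaround quoted in the message. */
int checked_format(vfmt_fn vf, char *dst, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dst == NULL || size == 0)
        return FMT_ERROR;              /* no room even for the NUL */
    va_start(ap, fmt);
    n = vf(dst, size, fmt, ap);
    va_end(ap);
    dst[size - 1] = '\0';              /* mystring[sizeof(mystring)-1]='\0' */
    /* Negative (error, or truncation on some pre-C99 libraries) or
     * n >= size both mean the output is incomplete. */
    return (n < 0 || (size_t)n >= size) ? FMT_TRUNCATED : FMT_OK;
}

int main(void)
{
    char buf[8];
    memset(buf, 'X', sizeof buf);      /* no accidental NUL in the buffer */
    int rc = checked_format(nonterminating_vsnprintf, buf, sizeof buf, "%s", "0123456789");
    printf("rc=%d buf=\"%s\"\n", rc, buf);
    return 0;
}
```

Callers should treat `FMT_TRUNCATED` as a failure rather than continue with the shortened string, since a silently truncated path or command can be as unsafe as an overflow.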