Bugtraq mailing list archives
Re: WuFTPD: Providing *remote* root since at least1994
From: bernd.luevelsmeyer () HEITEC NET (Bernd Luevelsmeyer)
Date: Wed, 28 Jun 2000 12:27:17 +0200
der Mouse wrote: [...]
Regardless of what ANSI may say, though, I still consider it a serious bug for snprintf() to fail to NUL-terminate, except when the size parameter is zero.
The '89 Standard doesn't know snprintf(). As far as I can tell, compilers for the '99 Standard don't yet exist; they ought to implement complex numbers, variable sized arrays and a lot of other goodies. The '99 Standard agrees that the string must always be 0-terminated except if the buffer has 0 length; it says (quoted from a draft version of the Standard): Synopsis #include <stdio.h> int snprintf(char * restrict s, size_t n, const char * restrict format, ...); Description The snprintf function is equivalent to fprintf, except that the output is written into an array (specified by argument s) rather than to a stream. If n is zero, nothing is written, and s may be a null pointer. Otherwise, output characters beyond the n-1st are discarded rather than being written to the array, and a null character is written at the end of the characters actually written into the array. If copying takes place between objects that overlap, the behavior is undefined. Returns The snprintf function returns the number of characters that would have been written had n been sufficiently large, not counting the terminating null character, or a negative value if an encoding error occurred. Thus, the null-terminated output has been completely written if and only if the returned value is nonnegative and less than n.
Current thread:
- Re: WuFTPD: Providing *remote* root since at least1994, (continued)
- Re: WuFTPD: Providing *remote* root since at least1994 Casper Dik (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Eric Hines (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 der Mouse (Jun 26)
- Re: WuFTPD: Providing *remote* root since at least1994 Henrik Nordstrom (Jun 27)
- Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 28)
- Re: WuFTPD: Providing *remote* root since at least1994 Valentin Nechayev (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Kenn Humborg (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Hudin Lucian (Jun 29)
- Multiple vulnerabilities in Sybergen Secure Desktop anders.ingeborn () INFOSEC SE (Jun 30)
- SecureXpert Advisory [SX-20000620-2] SecureXpert DIRECT Sender (Jun 30)
- Re: WuFTPD: Providing *remote* root since at least1994 Henrik Nordstrom (Jun 27)
- Update to Integrity Protection Driver Available IPD (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 29)
- Buggy ARP handling in Windoze Paul Starzetz (Jun 29)
- Re: Buggy ARP handling in Windoze Jurjen Oskam (Jun 29)
- Re: Buggy ARP handling in Windoze Steven Alexander (Jun 29)
- vpopmail-3.4.11 problems H D Moore (Jun 29)
- CONECTIVA LINUX SECURITY ANNOUNCEMENT - dump Conectiva Security (Jun 30)