Bug#264453: [Pkg-firebird-general] Bug#264453: Very likely not exploitable
Damyan Ivanov
divanov at creditreform.bg
Mon Oct 31 19:53:46 UTC 2005
marius popa wrote:
> Damyan Ivanov wrote:
>
>> Short story: I think that this is unexploitable.
>
> I think we could hunt this kind of bug with code checkers (like
> flawfinder)
>
> gds.cpp:960: [4] (buffer) strcpy:
> Does not check for buffer overflows when copying to destination.
> Consider using strncpy or strlcpy (warning, strncpy is easily misused).
Marius, I am not very fluent with security issues. May I ask you for
your help on this?
dam
--
Damyan Ivanov Creditreform Bulgaria
divanov at creditreform.bg http://www.creditreform.bg/
phone: +359(2)928-2611, 929-3993 fax: +359(2)920-0994
mob. +359(88)856-6067 dam at jabber.minus273.org/Gaim