Hi Everyone, Since there has been certain amount of excitement about the consequences of buffer overflows in recent days, I would like to point a possible problem I discovered when following the instructions to compile open afs on Mac OS X. I guess you know of this but just in case, if follow the instructions at:
http://www.openafs.org/macos.html it sets the enable-checking flag which almost immediately finds: gcc -Os -I/Users/luehring/openafs-1.6.6/src/config -I/Users/luehring/openafs-1.6.6/include -I. -I. -Os -Wall -Wstrict-prototypes -Wold-style-definition -Wpointer-arith -Wall -Wstrict-prototypes -Wold-style-definition -Werror -fdiagnostics-show-option -Wpointer-arith -arch i386 -arch x86_64 -c cmd.c cmd.c:46:30: error: the value of the size argument in 'strncat' is too large, might lead to a buffer overflow [-Werror,-Wstrncat-size] strncat(tbuffer, a2, sizeof(tbuffer)); ^~~~~~~~~~~~~~~ cmd.c:46:30: note: change the argument to be the free space in the destination buffer minus the terminating null byte strncat(tbuffer, a2, sizeof(tbuffer)); ^~~~~~~~~~~~~~~ sizeof(tbuffer) - strlen(tbuffer) - 1 1 error generated. make[3]: *** [cmd.o] Error 1 make[2]: *** [cmd] Error 2 make[1]: *** [build] Error 2 make: *** [all] Error 2 Those instructions also set "--with-krb5-conf=/usr/bin/krb5-config" which seems to be unrecognized. I guess this is because kerberos version 4 is completely dead and the flag is no longer needed. Fred -- Fred Luehring Indiana U. HEP mailto:luehr...@indiana.edu +1 812 855 1025 IU http://cern.ch/Fred.Luehring mailto:fred.luehr...@cern.ch +41 22 767 1166 CERN http://cern.ch/Fred.Luehring/Luehring_pub.asc +1 812 391 0225 GSM _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info