Don Head <[EMAIL PROTECTED]> writes:
> Just passing this along, was posted to bugtraq. Didn't bother to check, has
> this been fixed?
already fixed :
diff -ur cdrecord-1.8.1.orig/cdrecord/defaults.c cdrecord-1.8.1/cdrecord/defaults.c
--- cdrecord-1.8.1.orig/cdrecord/defaults.c Sun Apr 16 02:08:58 2000
+++ cdrecord-1.8.1/cdrecord/defaults.c Tue May 30 13:30:45 2000
@@ -109,7 +109,7 @@
return;
x++;
}
- sprintf(dname, "%s=", p);
+ snprintf(dname, sizeof(dname), "%s=", p);
if (defltopen("/etc/default/cdrecord") != 0)
return;
--
-- Yoann http://www.mandrakesoft.com/~yoann/
It is well known that M$ product don't make a free() after a malloc(),
the unix community wish them good luck for their future developement.
