Hello,

Friday, January 10, 2003, 20:44, botman <[EMAIL PROTECTED]> wrote:
Thanks botman, I was unsure whether it would be a good idea to post the URLs here, so you decided it for me...

> http://online.securityfocus.com/archive/1/306120/2003-01-07/2003-01-13/0

Actually, this advisory isn't researched to the end. The main problem lies in cl_dll's text_message.cpp. Looking at CHudTextMessage::MsgFunc_TextMsg() it's clear to see that there are MANY potential buffer overflows. E.g., READ_STRING is able to return a char array as long as 2048 chars, however, MsgFunc_TextMsg() only declares an array of 128 chars, into which the string returned by READ_STRING is copied via strcpy without any checks.

--
Sebastian Steinlechner - mailto:[EMAIL PROTECTED] - www.resourcecode.de
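
The size mismatch described in the message above (a string of up to 2048 chars copied into a 128-char array), with a bounded copy that reports truncation. This is an added example, not code from the original post or from the Half-Life SDK; `copy_bounded`, `make_sample` and the two constant names are hypothetical, and the sample input is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MSG_BUF_LEN  128    /* destination array size stated in the post */
#define NET_STR_MAX  2048   /* longest READ_STRING result, per the post (assumed to include the NUL) */

/* Pattern the post describes, shown only as a comment:
 *     char szBuf[128];
 *     strcpy(szBuf, READ_STRING());    up to 2048 chars into 128
 */

/* Hypothetical helper: copy src into dst (capacity dst_len bytes) and always
 * NUL-terminate. Returns 0 if the whole string fit, 1 if it was truncated,
 * -1 on bad arguments. */
int copy_bounded(char *dst, size_t dst_len, const char *src)
{
    size_t n;

    if (dst == NULL || dst_len == 0)
        return -1;
    if (src == NULL) {
        dst[0] = '\0';
        return -1;
    }
    /* Stop one byte short of the capacity so the terminator always fits. */
    for (n = 0; n + 1 < dst_len && src[n] != '\0'; n++)
        dst[n] = src[n];
    dst[n] = '\0';
    return src[n] != '\0';   /* unread source bytes remain: truncated */
}

/* Constructed stand-in for a network string of the given length. */
static void make_sample(char *buf, size_t len)
{
    memset(buf, 'A', len);
    buf[len] = '\0';
}

int main(void)
{
    static char wire[NET_STR_MAX];
    char msg[MSG_BUF_LEN];
    int rc;

    make_sample(wire, NET_STR_MAX - 1);           /* worst-case length */
    rc = copy_bounded(msg, sizeof msg, wire);
    printf("rc=%d stored=%zu\n", rc, strlen(msg));
    return 0;
}
```

A caller that gets 1 back can drop or log the oversized message instead of displaying a silently truncated one.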