Thanks, got it.
--- Brad Dameron Network Account Executive TSCNet Inc. www.tscnet.com Silverdale, WA. 1-888-8TSCNET > -----Original Message----- > From: Michal Medvecky [mailto:M.Medvecky@;sh.cvut.cz] > Sent: Friday, November 01, 2002 5:18 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: patch for autorespond-2.0.2 > > > Hello, > > this is a small patch for autorespond-2.0.2 which fixes two > potential buffer > overflows. Although, I hope nobody is using 4755-ed autorespond, > so it should > not be a big security hole. > > Regards, > > Michal Medvecky > > --CUT HERE-- > > 8a9 > > Patched 2002 by Michal Medvecky <[EMAIL PROTECTED]> > 573,575c574,579 > < > < strcpy(TheUser, getenv("EXT") ); > < strcpy(TheDomain, getenv("HOST") ); > --- > > if (getenv("EXT") == 0) || (getenv("HOST") == 0) { > > printf("Variable EXT or HOST (or both) not set."); > > exit(1); > > } > > strncpy(TheUser, getenv("EXT"),MAX_BUFF ); > > strncpy(TheDomain, getenv("HOST",MAX_BUFF) ); > >