On Sun, Nov 26, 2000 at 06:53:43PM -0500, Michael Richardson wrote:
> Libpcap has buffer overflow in pcap-linux.c. The code uses strcpy to
> copy interface name to ifr.ifr_name (16-byte buffer).
The current CVS version uses "strncpy()" throughout. (Perhaps it should
use "strlcpy()" instead.)
> I'm including a patch that hopefully fixes this. Also I think pcap-dlpi.c
> has a similar problem.
The current CVS version uses "strlcpy()".
> ... (patch sent to patches) ...
It doesn't appear to be in the archive yet.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
