Christian Biere <[EMAIL PROTECTED]> writes: [...]
Hey, these are great catches! Thanks for taking the time to investigate the code. > I've discovered 2 buffer overflows which affects at least people using > 2 certain locales but nobody who's using wget built with --disable-nls. > I've bumped the buffer 256 bytes. Decide yourself whether you like > that solution. It certainly beats having a buffer overflow. I'll install that for now. I now see that the first strcpy assumes English (or at least 3-letter) "try" as well, so that will need to be fixed. > A third bug can cause inserting a spurious NUL-byte onto the stack. This one is subtle. Again, you're correct. > The patch WRT src/progress.c fixes a syntax error for system having > no isatty(). I'm not sure whether you meant '|| 1'. I did, but it's really not necessary given that there are other tests. You were correct to remove it. > I've removed it but fix it in which way you ever prefer. The patch > WRT src/ftp-opie.c just removes unnecessary string operations, so > that's no bugfix. And the code is no complex as a result. I'll use it, thanks.
