[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [linux-security] so-called snprintf() in db-1.85.4

From: Hal DeVore <hdevore bmc com>
To: Thomas Roessler <roessler guug de>, linux-security redhat com
Subject: Re: [linux-security] so-called snprintf() in db-1.85.4
Date: Wed, 09 Jul 1997 07:41:17 -0500

-----BEGIN PGP SIGNED MESSAGE-----



roessler guug de wrote:
> There is a severe problem with the db-1.85.4 library's Linux port

I just ran nm on my libdb.a and found:

snprintf.o:
00000000 t gcc2_compiled.
00000000 T snprintf
00000014 T vsnprintf
         U vsprintf

Without looking at the code I'd bet that the vsnprintf function supplied 
in this library similarly turns into a vsprintf.

Hal


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv

iQCVAwUBM8OG50Zrb8SDJ8hxAQE77wP/a10vOmulKy3hOcG9bqwBA64m7OEejqv7
7CiRGcRepHyowVMHvp2P7pITCYohGxpEweljnA4iqHy8WG68No8pK2YOjp7RDLda
WcS+CvImoLX7gBZK3LBQpmWqtrHfwO/I3QaqfietW93mG0PPrysRGhUNi94+MKB5
4SUgslHA42U=
=AkPG
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: [linux-security] Re: so-called snprintf() in db-1.85.4
  - From: Illuminati Primus

References:
- so-called snprintf() in db-1.85.4
  - From: Thomas Roessler

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]