been reading through some code and saw somethng that
made my stomach turn:
static
__fprintf(FILE *fp, char *fmt, int *argptr)
{
char buf[BUFSIZ], *p, c;
__doprnt(buf, fmt, argptr);
p = buf;
while (c = *p++) {
putc(c, fp);
}
return(0);
}
this is called by fprintf() as well as printf(). fixed sized
buffer used on the stack. Could be the source of many core dumps
and security violations (ie. old fingerd bug).
Tim N.
Received on Tue Aug 30 00:00:27 1994
This archive was generated by hypermail 2.1.8 : Thu Sep 22 2005 - 15:11:45 PDT