On Fri, 13 May 2005, Steinar H. Gunderson wrote:
On Thu, May 12, 2005 at 09:41:52PM -0700, Steve Langasek wrote:
snip ...
The get_best_mount function worries me, as it's writing to a caller-provided pointer (char *what) with no bounds checking. This appears to be the intended *use* of the pointer, so this isn't a blocking issue, it's just something that ought to be cleaned up at some point (including making sure there's no exploitable buffer overflow here when using things like LDAP or Hesiod maps).
Perhaps.
I'll have a look but bounds checking should be done way before this so I'm not so concerned about this. Checking that it is done at the right spot is the important thing (I think it is in the latest release).
Ian
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
