Re: buffer overflow in /bin/gzip?

On Wed, 21 Nov 2001, Guillaume Morin wrote: > Dans un message du 20 nov à 23:33, Anders Gjære écrivait : > > > > in gzip.c > > > > the line: > > strcpy(nbuf,dir); > > > > should maybe be replaced with: > > strncpy(nbuf, dir,sizeof(nbuf)); > > gzip runs with user privileges, therefore th

Re: buffer overflow in /bin/gzip?

On Wed, 21 Nov 2001, Guillaume Morin wrote: > Dans un message du 20 nov à 23:33, Anders Gjære écrivait : > > > > in gzip.c > > > > the line: > > strcpy(nbuf,dir); > > > > should maybe be replaced with: > > strncpy(nbuf, dir,sizeof(nbuf)); > > gzip runs with user privileges, therefore t