ftpget.c consistently writes data into a 128 character array using
sscanf. Unfortunately, it doesn't do any bounds checking, allowing a
malicious FTP server to cause a buffer overrun. <sigh> When will we ever
learn...
I'll try to submit some patches, but I may not have time before I leave for
Europe, so if somebody else wants to take a crack at it, please do so.
-- Carson Gaspar -- carson@cs.columbia.edu carson@lehman.com http://www.cs.columbia.edu/~carson/home.html <This is the boring business .sig - no outre sayings here>

Received on Fri Aug 02 1996 - 13:18:38 MDT
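An added illustration, not part of the original message and not code from ftpget.c: reading a server-supplied token into a 128-character array with a field width on sscanf, and rejecting tokens that do not fit instead of silently truncating them. The helper name parse_token, the return codes and the sample inputs are assumptions made for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 128 /* array size named in the message */

/* Unbounded form the message describes (comment only, not compiled):
 *     char buf[128];
 *     sscanf(line, "%s", buf);   // token length is chosen by the server
 */

/* parse_token() is a hypothetical helper: it copies the first
 * whitespace-delimited token of a server-supplied line into out.
 * Returns 0 on success, -1 if there is no token, -2 if the token does
 * not fit in FIELD_LEN - 1 characters (rejected rather than truncated). */
int parse_token(const char *line, char out[FIELD_LEN])
{
    int consumed = 0;

    out[0] = '\0';
    /* %127s stores at most 127 characters plus the terminating NUL;
     * %n records how many input characters were consumed. */
    if (sscanf(line, "%127s%n", out, &consumed) != 1)
        return -1;

    /* If the width limit stopped the scan, the next input character is
     * still part of the token, so the token was too long. */
    if (line[consumed] != '\0' && !isspace((unsigned char)line[consumed])) {
        out[0] = '\0';
        return -2;
    }
    return 0;
}

int main(void)
{
    char field[FIELD_LEN];
    char oversized[400]; /* constructed input: 399-character token */

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("short reply -> %d (%s)\n",
           parse_token("226 Transfer complete\r\n", field), field);
    printf("oversized   -> %d\n", parse_token(oversized, field));
    return 0;
}
```

The width in the format string has to be kept one less than the array size by hand, since sscanf has no way to learn the destination's length.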