Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995

der Mouse (mouse@Collatz.McRCIM.McGill.EDU)
Tue, 29 Aug 1995 20:03:38 -0400

> I've already built patches for 4.4lite BSD derived systems, which
> I'll post in a little while after I've tested them better.
> Unfortunately, they require the use of snprintf, which is not
> standard on anything other than 4.4BSD.

(and 4.4-derived systems, of course)

> I can't think of any way to get around this -- you need to bounds
> check the sprintfs in syslog.c and the only way I know to do that is
> snprintf.

Actually, it's not quite that bad.  printf()'s guts are not hard to
rewrite; if nothing else, you can steal it from one of the free-source
stdios.  (If you skip floating point - which I admit you really can't
get away with for syslog() - it's not even hard to redo de novo.)

> I'll point out that this opens up a whole new wonderful set of holes
> that no one thought of before.

Yeah...stdio just plain wasn't thought through enough, or something
snprintfish would have been there in the first place.  (I'd still
rather have fopenstr(), and make the sprintf() family just wrappers
around fopenstr/vfprintf/fclose sequences.  Of course, I'd also like
fopenfxn(), too, but I suppose that's a pipe dream....)

                                        der Mouse

                            mouse@collatz.mcrcim.mcgill.edu
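
Added example, not part of the original message and not code from any BSD syslog.c: a from-scratch bounded formatter of the kind the message says is not hard to write once floating point is skipped. The name bounded_format and the supported conversion set (%s %d %u %x %c %%, no widths or flags) are assumptions made for this illustration.

```c
#include <stdarg.h>
#include <stddef.h>

/* Store c only if it fits (one byte stays reserved for the NUL); always count it. */
static void put(char *buf, size_t size, size_t *n, char c)
{
    if (*n + 1 < size) buf[*n] = c;
    (*n)++;
}

/* Emit v in base 10 or 16, most significant digit first. */
static void put_num(char *buf, size_t size, size_t *n, unsigned long v, unsigned base)
{
    char tmp[sizeof v * 8];
    size_t i = 0;
    do { tmp[i++] = "0123456789abcdef"[v % base]; v /= base; } while (v);
    while (i) put(buf, size, n, tmp[--i]);
}

/* Hypothetical snprintf stand-in: writes at most size bytes, NUL-terminates
 * whenever size > 0, and returns the length the untruncated output needs. */
size_t bounded_format(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    const char *s;
    long d;
    size_t n = 0;
    va_start(ap, fmt);
    for (; *fmt; fmt++) {
        if (*fmt != '%') { put(buf, size, &n, *fmt); continue; }
        switch (*++fmt) {
        case 's': s = va_arg(ap, const char *); if (!s) s = "(null)";
                  while (*s) put(buf, size, &n, *s++); break;
        case 'd': d = va_arg(ap, int); if (d < 0) put(buf, size, &n, '-');
                  put_num(buf, size, &n, d < 0 ? 0UL - (unsigned long)d : (unsigned long)d, 10);
                  break;
        case 'u': put_num(buf, size, &n, va_arg(ap, unsigned), 10); break;
        case 'x': put_num(buf, size, &n, va_arg(ap, unsigned), 16); break;
        case 'c': put(buf, size, &n, (char)va_arg(ap, int)); break;
        case '\0': fmt--; break;   /* lone trailing '%': let the loop end */
        default:  put(buf, size, &n, '%');                    /* "%%" gives "%" */
                  if (*fmt != '%') put(buf, size, &n, *fmt);  /* unknown: echo it */
        }
    }
    va_end(ap);
    if (size) buf[n < size ? n : size - 1] = '\0';
    return n;
}
```

A return value greater than or equal to size means the output was truncated, which lets a caller formatting into a fixed log buffer detect the condition instead of overrunning it.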