Subject: Re: vixie-crontab vunerable?
To: David Brownlee <>
From: John F. Woods <>
List: current-users
Date: 12/16/1996 11:04:23
>	Does anyone know if we vunerable to this?

Yes.  load_env() needs to limit the length of the name of variables to
MAX_TEMPSTR (100); it currently only checks that the length of the name+value
is less than MAX_ENVSTR (1000).

There's a whole bunch of fixed-length stack char arrays in cron that look ripe
for exploits :-(.