Subject: Re: buffer overflows in libsa
To: None <>
From: Roland Illig <>
List: tech-kern
Date: 08/24/2005 09:51:52
Roland Illig wrote:
> Hi all,
> the stand-alone library still contains two function with buffer 
> overflows, namely gets() and getpass(). To fix that, I have written the 
> appended patch.

I'm currently building NetBSD/alpha to test the effect on the code size. 
On i386 and sparc I could already reduce the code size so that the code 
_with_ the overflow checking is actually smaller than the old code 
without. So I'm confident we can have small _and_ secure code. :)