Subject: Re: does dns overrun apply to getaddrinfo.c?
To: Jeremy C. Reed <email@example.com>
From: None <firstname.lastname@example.org>
Date: 07/17/2002 08:23:22
>I see that libc/net/getaddrinfo.c says "we have a big amount of code
>duplicate from gethnamaddr.c". And it appears to have basically the same
>problem code as before-patched gethnamaddr.c. (It does have differences
>Anyways, should lib/libc/net/getaddrinfo.c be improved to clean up for
>potential buffer overflow? (Or is it not needed?)
getaddrinfo.c was not vulnerable to the issue found last month,
and the cleanup (removal of "buflen" management) is already done.