Subject: Re: does dns overrun apply to getaddrinfo.c?
To: Jeremy C. Reed <>
From: None <>
List: tech-security
Date: 07/17/2002 08:23:22
>I see that libc/net/getaddrinfo.c says "we have a big amount of code
>duplicate from gethnamaddr.c". And it appears to have basically the same
>problem code as before-patched gethnamaddr.c. (It does have differences

>Anyways, should lib/libc/net/getaddrinfo.c be improved to clean up for
>potential buffer overflow? (Or is it not needed?)

	getaddrinfo.c was not vulnerable to the issue found last month,
	and the cleanup (removal of "buflen" management) is already done.