tech-userlevel: Re: rm(1) and cp(1) printable characters diff

Subject: Re: rm(1) and cp(1) printable characters diff
To: None <tech-userlevel@NetBSD.org>
From: Ignatios Souvatzis <ignatios@theory.cs.uni-bonn.de>
List: tech-userlevel
Date: 07/22/2003 10:51:41

--6TrnltStXW4iwmi0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Jul 21, 2003 at 07:06:29PM +0200, Thomas Klausner wrote:
> On Mon, Jul 21, 2003 at 05:59:37PM +0100, Charles Blundell wrote:
> > +	if (strlen(target) > MAXPATHLEN) {
> > +		char *fn;
> > +		fn =3D printescaped(target);
> > +		errx(1, "%s: name too long", fn);
> > +		free(fn);
> > +	}
>=20
> free() after you exit() using errx() won't do much :)

Yes, but it will help if some hacker sneaks in a different errx() via=20
a manipulated shared libc ;-)

	-is

--6TrnltStXW4iwmi0
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQEVAgUBPxz7GjCn4om+4LhpAQErEQgAnF4diTLsMyc8HyFd43JMF8heBVCWY0wj
qCHtjMHnjA7yrooZ8OsnsHk1oGzO5JQqzsM/Zmp4IdKyoz3Iz1LGr0wyzy6D2Lkc
q53xNTR/LCySIWBMQAzA9YH0OA1KawVNfce027s84oa8oKSMTlmCBHfQsiNB/3dl
+ox12j7YN3DqK2v7TGnwLecsmLDF2SKA+w3JbHSwN4S8l9Ip5YTEdlGNjcuscIXl
kkjBVn8VyrO8zncywy7kNPes/M82XIoAsWZUyae3FK3EIVwqmaZuvmnT1qW5U5K+
V5f6RWmldZpz4wkS/o1wZP+9pErcgupsH1Lgzt3spInQ/nUrWyaBQQ==
=CWg4
-----END PGP SIGNATURE-----

--6TrnltStXW4iwmi0--