In message <20030606201906.F3232@almesberger.net>,Werner Almesberger writes:
>It could probably be used to leverage other security holes in
>atmsigd. (Not that I'm aware of any, but I'd be surprised if
>there were none.)
well various bits of the atm library used to use vsprintf. we changed
this to vsnprintf just to avoid trouble. i couldnt see how it might be
possible for someone to send a call setup that would overflow the debug
format buffer but better safe than sorry.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Jun 07 2003 - 22:00:33 EST