Hosting Provided By

Re: security audit: yp_access.c

From: Eivind Eklund <eivind(at)dimaga.com>
Date: Sun Feb 16 1997 - 13:44:32 EST

At 10:38 AM 2/16/97 +1100, Giles Lean wrote:
>
>I'm looking for a little confirmation that I'm on the right track here.

Right. If you read the guidelines carefully, you will see that you are even asked to fix this at a function level, to make the code-base robust - making it harder to introduce a security flaw later.

Eg, functions that are used on strings on the stack should always take in destination size, even if the rest of the program doesn't use the interface insecurely today.

Eivind Eklund perhaps(at)yes.no http://maybe.yes.no/perhaps/ eivind@freebsd.org Received on Sun Feb 16 10:49:35 1997

This message: [ Message body ]
Next message: Eivind Eklund: "PPP"
In reply to Giles Lean: "security audit: yp_access.c"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:41:04 EDT