Home page logo

bugtraq logo Bugtraq mailing list archives

Fixing up Qpopper
From: chris () FERRET LMH OX AC UK (Chris Evans)
Date: Mon, 29 Jun 1998 11:00:55 +0100


Everyone is scrambling around trying to analyse which sprintf()'s are
going to cause overflows in qpopper.

This is not the proper approach to security. It causes additional
overruns to be missed, as is witnessed by lots of "here's another one"
posts seen on the topic so far. There will always be some weird code path
that concatenates strings longer than you expected, etc.

Successful protection of security related software commonly uses one of
these techniques:

1) Bounds check _all_ copies. For example, samba just did a mass switch
   from strcpy to strncpy. Of course, after a strncpy you must remember
   to ensure the destination is properly null terminated.

2) When copying data, work out the required new length then make a new
   buffer of required size on the fly. Lots of programs with very good
   security records have used this approach.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]