Bugtraq mailing list archives

Re: simple kde exploit fix
From: thospel () mail dma be (Ton Hospel)
Date: Mon, 18 May 1998 20:02:10 GMT

In article <Pine.LNX.3.96.980518103111.11608A-100000 () digi1 inreach net>,
        digi <digi () inreach net> writes:
> why not:
>
>    char *env;
>    env = getenv("HOME");
>    env[BUFLEN] = '\0';
>
> would save memcpy()ing and strlen()ing.

Dangerous unless you know very well where your env buffer
really comes from (and goes to).

- I have seen C implementations where all getenv's use copying into one
  static buffer -> another getenv() somewhere in the program
  might unexpectedly change your env
- I have seen C implementations where these are pointers
  into an env space -> then you really hit the data (next getenv
  might be surprised), or you might even be modifying a different
  environment variable

For getenv it's usually best to copy the value from out of the result,
before some other getenv or putenv changes it.

My pid is Inigo Montoya.  You kill -9 my parent process.  Prepare to vi.
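
The copy-out approach recommended in the reply, as an added example that is not code from the thread: the value is copied into a caller-owned buffer with explicit truncation, and the string returned by getenv() is never written to. The names env_copy, copy_survives_change and DEMO_HOME, and the BUFLEN value of 16, are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* for setenv() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUFLEN 16   /* assumed limit, kept small so the demo truncates */
/* Copy the value of `name` into dst (dstlen bytes), always NUL-terminated.
 * Returns 0 = copied whole, 1 = truncated, -1 = unset or bad arguments. */
int env_copy(const char *name, char *dst, size_t dstlen)
{
    const char *val;              /* read-only view of the environment */
    size_t len;
    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if ((val = getenv(name)) == NULL)
        return -1;
    len = strlen(val);
    if (len >= dstlen) {          /* truncate the copy, not the original */
        memcpy(dst, val, dstlen - 1);
        dst[dstlen - 1] = '\0';
        return 1;
    }
    memcpy(dst, val, len + 1);
    return 0;
}

/* Returns 1 when the private copy is unaffected by a later change to the
 * variable and the environment still holds the new, untruncated value. */
int copy_survives_change(void)
{
    char home[BUFLEN];
    setenv("DEMO_HOME", "/home/a-very-long-user-name", 1); /* constructed */
    if (env_copy("DEMO_HOME", home, sizeof home) != 1)
        return 0;
    setenv("DEMO_HOME", "/tmp", 1);  /* stands in for a putenv() elsewhere */
    return strcmp(home, "/home/a-very-lo") == 0 &&
           strcmp(getenv("DEMO_HOME"), "/tmp") == 0;
}

int main(void)
{
    char home[BUFLEN];
    int rc = env_copy("HOME", home, sizeof home);
    printf("rc=%d copy=\"%s\" survives=%d\n", rc, home, copy_survives_change());
    return 0;
}
```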
