Vulnerability Development: Re: Possible syslogd DoS ?

[Petr Baudis <pasky () pasky ji cz>]

..snip..
> > >    Fix: syslog(0, "%s", buffer);
agreed, sorry :-)

..snip..
> Another fix, althought the point of the program
> is well demonstrated without it:
>
> for(;;)
> {
>   fgets(buffer, sizeof(buffer), fp);
>   buffer[1023] = 0;
>   syslog(0, "%s", buffer);
> }
running slightly OT, but please tell me, what's the point of that?

       fgets() reads in at most one less than size characters from stream and stores them into the buffer  pointed  to
       by s.  Reading stops after an EOF or a newline.  If a newline is read, it is stored into the buffer.
       A '\0' is stored after the last character in the buffer.
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       
according to the manpage.

-- 

                                Petr "Pasky" Baudis
.                                                                       .
        n = ((n >>  1) & 0x55555555) | ((n <<  1) & 0xaaaaaaaa);
        n = ((n >>  2) & 0x33333333) | ((n <<  2) & 0xcccccccc);
        n = ((n >>  4) & 0x0f0f0f0f) | ((n <<  4) & 0xf0f0f0f0);
        n = ((n >>  8) & 0x00ff00ff) | ((n <<  8) & 0xff00ff00);
        n = ((n >> 16) & 0x0000ffff) | ((n << 16) & 0xffff0000);
                -- C code which reverses the bits in a word.
.                                                                       .
My public PGP key is on: http://pasky.ji.cz/~pasky/pubkey.txt
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d- s++:++ a--- C+++ UL++++$ P+ L+++ E--- W+ N !o K- w-- !O M-
!V PS+ !PE Y+ PGP+>++ t+ 5 X(+) R++ tv- b+ DI(+) D+ G e-> h! r% y?
------END GEEK CODE BLOCK------