Re: [SLUG] Using Programs that use _gets_

From: Jason Copenhaver (jcopenha@typedef.org)
Date: Thu Feb 14 2002 - 14:45:54 EST

Next message: Ronan Heffernan: "Re: [SLUG] Using Programs that use _gets_"
Previous message: R P Herrold: "RE: [SLUG] WAS about Linux virii"
In reply to: Robert Haeckl: "[SLUG] Using Programs that use _gets_"
Next in thread: Ronan Heffernan: "Re: [SLUG] Using Programs that use _gets_"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

according to 'man gets' yeah.. it is a problem and is only in there to
comply with the ANSI standard.. the problem is that the gets call doesn't
have a 'size' parameter on it.. so there is no way to limit the amount of
data being put into the buffer..

On Thu, 14 Feb 2002, Robert Haeckl wrote:

> Recently, I downloaded the imap tar file from Washington U. and compiled
> it. One of the compiler warnings mentioned that gets() was used. Is
> this always significant as a potential buffer overrun problem, and would
> this raise a red flag for someone who screens source code?
>
> -Robert
>
>

Next message: Ronan Heffernan: "Re: [SLUG] Using Programs that use _gets_"
Previous message: R P Herrold: "RE: [SLUG] WAS about Linux virii"
In reply to: Robert Haeckl: "[SLUG] Using Programs that use _gets_"
Next in thread: Ronan Heffernan: "Re: [SLUG] Using Programs that use _gets_"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:06:34 EDT