Bugtraq mailing list archives

Re: simple kde exploit fix

From: thospel () mail dma be (Ton Hospel)
Date: Sun, 17 May 1998 23:09:19 GMT


In article <Pine.LNX.3.96.980517144346.10501A-100000 () lurk kellogg nwu edu>,
        David Zhao <dzhao () LURK KELLOGG NWU EDU> writes:

in kdebase/kscreensaver/kscreensave.cpp:

change:
line 18:        strcpy( buffer, getenv("HOME") );
                to
                strncpy( buffer, getenv("HOME"), 256);

Why do people like strncpy so much ? It sucks almost as badly as strcpy.

strncpy has two drawbacks:
   - it always fills the buffer with nulls, which is a waste of time
   - It does NOT null terminate a string that's too long
Also, getenv returns NULL if an environment variable does not exist,
and not all OS's will check NULL access, so you can pick up garbage
from adres 0 in your computer.

Better fixing style:

   char *env;
   int   len;

   env = getenv("HOME");
   if (env) {
      len = strlen(env);
      if (len >= BUFLEN) len = BUFLEN-1;
      memcpy(buffer, env, len);
      env[len] = 0;
   } else do_something_intelligent();

Current thread:

Re: simple kde exploit fix Ton Hospel (May 17)
- <Possible follow-ups>
- Re: simple kde exploit fix Ton Hospel (May 17)
- Re: simple kde exploit fix Ton Hospel (May 18)