Bugtraq mailing list archives

Re: [linux-security] Re: identd hole?

From: TaRDiS () Mail UTexas EDU (lilo)
Date: Thu, 18 Jul 1996 06:51:49 -0500


On Tue, 16 Jul 1996, Dave G. wrote:

As far as I know, there is no buffer overflow in atoi() under linux.
This rumor was started when there was a problem in some IRC clients.  At
the time I took a look at atoi() and strtol().  Not only were there no
buffer overflows, there were no buffers at all :).


Well, the problem has not been sufficiently debugged.  The fact that it only
occurred in pre-5.3.9 ELF libc, and that it was universally resolved by
upgrading the libc to 5.3.12 (really we did spend a fair amount of time
verifying that behavior) seemed indicative of a library problem, and the
atoi() diagnosis was volunteered by someone with more time on their hands,
and possibly less skill.... :)



lilo

Current thread:

Re: identd hole? Bugtraq Archiver (Jul 15)
- Re: identd hole? Henri Karrenbeld (Jul 16)
- <Possible follow-ups>
- Re: identd hole? Jeff Uphoff (Jul 16)
- Re: identd hole? Dave G. (Jul 16)
  - Re: [linux-security] Re: identd hole? lilo (Jul 18)
- Re: identd hole? der Mouse (Jul 16)
- Re: identd hole? Jacob Langseth (Jul 16)