Bugtraq mailing list archives
Re: [linux-security] Re: identd hole?
From: TaRDiS () Mail UTexas EDU (lilo)
Date: Thu, 18 Jul 1996 06:51:49 -0500
On Tue, 16 Jul 1996, Dave G. wrote:
As far as I know, there is no buffer overflow in atoi() under linux. This rumor was started when there was a problem in some IRC clients. At the time I took a look at atoi() and strtol(). Not only were there no buffer overflows, there were no buffers at all :).
Well, the problem has not been sufficiently debugged. The fact that it only occurred in pre-5.3.9 ELF libc, and that it was universally resolved by upgrading the libc to 5.3.12 (really we did spend a fair amount of time verifying that behavior) seemed indicative of a library problem, and the atoi() diagnosis was volunteered by someone with more time on their hands, and possibly less skill.... :) lilo
Current thread:
- Re: identd hole? Bugtraq Archiver (Jul 15)
- Re: identd hole? Henri Karrenbeld (Jul 16)
- <Possible follow-ups>
- Re: identd hole? Jeff Uphoff (Jul 16)
- Re: identd hole? Dave G. (Jul 16)
- Re: [linux-security] Re: identd hole? lilo (Jul 18)
- Re: identd hole? der Mouse (Jul 16)
- Re: identd hole? Jacob Langseth (Jul 16)