Full Disclosure mailing list archives
Re: Evidence of a ISC being hacked?
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Thu, 24 Jun 2004 23:39:56 +0200 (MET DST)
On Thu, 24 Jun 2004 Valdis.Kletnieks () vt edu wrote:
It's easier to just #define the critter than to re-re-invent the C code for vsnprintf() (which isn't always trivial, as your vsnprintf() has to play nice with the vendor's stdio - this can be .. umm... "interesting" if the innards of the vendor stdio are more bizzare than usual...
vsnprintf() does not have to "play nice" with stdio. It does not have to play with stdio at all. You don't need to mess with stdio in order to stuff some characters into an array.
Go ahead - go and re-write a vsnprintf, and compare that to the time it takes to do the #define
It is rather easy as long as everything you need are common string and integer directives. Indeed, floats are tricky. Exotic C99 is even more tricky. But I think the set of printf features required by dhcpd and similar programs is (or should be) pretty small. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: New malware to infect IIS and from there jump to clients, (continued)
- Re: New malware to infect IIS and from there jump to clients Nick FitzGerald (Jun 24)
- SV: New malware to infect IIS and from there jump to clients Peter Kruse (Jun 24)
- Re: SV: New malware to infect IIS and from there jump to clients Duncan Hill (Jun 25)
- Re: SV: New malware to infect IIS and from there jump to clients Nasir Ghaznavi (Jun 25)
- Re: New malware to infect IIS and from there jump to clients Gary Flynn (Jun 25)
- RE: New malware to infect IIS and from there jump to clients joe (Jun 25)
- Re: New malware to infect IIS and from there jump to clients insecure (Jun 25)
- Re: New malware to infect IIS and from there jump to clients Matt Power (Jun 27)
- Re: Evidence of a ISC being hacked? VX Dude (Jun 24)
- Re: Evidence of a ISC being hacked? Valdis . Kletnieks (Jun 25)
- IE exploit runs code from graphics? Larry Seltzer (Jun 24)
- RE: IE exploit runs code from graphics? Heather M. Guse Bryan (Jun 24)
- Re: IE exploit runs code from graphics? Nick FitzGerald (Jun 24)
- RE: IE exploit runs code from graphics? Larry Seltzer (Jun 24)
- Re: IE exploit runs code from graphics? Aditya, ALD [ Aditya Lalit Deshmukh ] (Jun 26)
- Re: IE exploit runs code from graphics? Jimmy Mitchener (Jun 26)
- Re: IE exploit runs code from graphics? st3ng4h (Jun 26)
- Re: IE exploit runs code from graphics? Valdis . Kletnieks (Jun 28)