[Asterisk-Dev] Re: Is anyone thinking anymore?

Sam Bingner sam at bingner.com
Sun Jul 25 14:24:29 MST 2004

Because when some strange person changes the size to 2 bytes in the future
to make it a 16-bit bitmap, it won't segfault...


-----Original Message-----
From: asterisk-dev-admin at lists.digium.com
[mailto:asterisk-dev-admin at lists.digium.com] On Behalf Of Tony Mountifield
Sent: Sunday, July 25, 2004 11:02 AM
To: asterisk-dev at lists.digium.com
Subject: [Asterisk-Dev] Re: Is anyone thinking anymore?

In article <200407251656.i6PGuCaa028305 at xa.houston.rr.com>,
Dr. Rich Murphey <rich at WhiteOakLabs.com> wrote:
> >From a practical standpoint, this also reduces the cost (effort,
> >time, etc.)
> for maintaining security audits.
> August is a popular month for exploits to be released.  I'm glad were
> better prepared.

How does using strncpy() to copy a constant 3-char+terminator string into
a 40-byte array make us better prepared?

Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org
Asterisk-Dev mailing list
Asterisk-Dev at lists.digium.com
To UNSUBSCRIBE or update options visit:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3047 bytes
Desc: not available
Url : http://lists.digium.com/pipermail/asterisk-dev/attachments/20040725/b54d8a1e/smime.bin

More information about the asterisk-dev mailing list