[Asterisk-Dev] Re: Is anyone thinking anymore?
Rob Gagnon
rob at networkip.net
Sun Jul 25 22:54:43 MST 2004
What happens when someone changes the 3-byte constant to a 42 -byte
constant?
----- Original Message -----
From: "Tony Mountifield" <tony at softins.clara.co.uk>
To: <asterisk-dev at lists.digium.com>
Sent: Sunday, July 25, 2004 4:02 PM
Subject: [Asterisk-Dev] Re: Is anyone thinking anymore?
> In article <200407251656.i6PGuCaa028305 at xa.houston.rr.com>,
> Dr. Rich Murphey <rich at WhiteOakLabs.com> wrote:
> > >From a practical standpoint, this also reduces the cost (effort, time,
etc.)
> > for maintaining security audits.
> >
> > August is a popular month for exploits to be released. I'm glad were
better
> > prepared.
>
> How does using strncpy() to copy a constant 3-char+terminator string into
a
> 40-byte array make us better prepared?
>
> Cheers
> Tony
> --
> Tony Mountifield
> Work: tony at softins.co.uk - http://www.softins.co.uk
> Play: tony at mountifield.org - http://tony.mountifield.org
> _______________________________________________
> Asterisk-Dev mailing list
> Asterisk-Dev at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-dev
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
More information about the asterisk-dev
mailing list