[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing protection is wea
Re: lynx-dev lynx 2.8.x - 'special URLs' anti-spoofing protection is weak
Mon, 22 Nov 1999 21:08:25 -0600 (CST)
On Mon, 22 Nov 1999, T.E.Dickey wrote:
> > Actually, I forgot about the third nasty he finds, buffer overruns:
> there's fewer of them now, but probably impossible to remove all (if we
> can reproduce this one, we'll remove it).
Used with unchecked sprintf / strcpy / strcat.
Of course normally the data it operates on comes from local
configuration not from the network, so there won't be any strings that
overflow the buffer (unless you ask for it).