bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS_RSH env-var feature patch


From: Larry Jones
Subject: Re: CVS_RSH env-var feature patch
Date: Sun, 2 Sep 2001 19:19:23 -0400 (EDT)

Ellison, Martin [IT] writes:
> 
> I notice that you have redimensioned argv without changing any other code.
> Does this mean that the code is susceptible to an overrun attack?

Yes.  (The original code isn't, but the patch introduces a potential
buffer overflow bug and thus isn't acceptable.  I also question how much
need there is for the enhancement.)

-Larry Jones

I hate being good. -- Calvin



reply via email to

[Prev in Thread] Current Thread [Next in Thread]