Bug#497649: Broken security patch for WordNet
Nico Golde
nion at debian.org
Fri Sep 5 13:47:55 UTC 2008
Hi Andreas,
* Andreas Tille <tillea at rki.de> [2008-09-05 15:40]:
[...]
> This part of the patch is completely broken, breaks funktionality of
> wordnet test -synsn
> and I really wonder in how far a "strcpy(bufstart, tmpbuf);" is a
> security fix compared to "strncpy(bufstart, tmpbuf, strlen(tmpbuf));"
> Who did this patch????
As far as I know this was part of the patch by oCert.
However its not a security fix but just a cleanup as both
function calls are equal.
[...]
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/debian-science-maintainers/attachments/20080905/c6b2fe3a/attachment-0001.pgp
More information about the debian-science-maintainers
mailing list