From: Matthias H. <ma...@ms...> - 2006-12-08 16:29:22
|
About half of all all strncat() calls had wrong size calculations (this is contra-intuitive, see man strncat) - I hope I got them all right now. The calls didn't seem security relevant to me, except for src/input/input_http.c, where I'm not sure. But please double check. Also, src/libw32dll/wine/module.c is probably coming from a different repository, I guess that should be changed upstream as well? CU Matthias -- Matthias Hopf <mh...@su...> __ __ __ Maxfeldstr. 5 / 90409 Nuernberg (_ | | (_ |__ ma...@ms... Phone +49-911-74053-715 __) |_| __) |__ labs www.mshopf.de |