| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040624223325.GA65109563@ohm.arago.de> From: full-disclosure at arago.de (Thomas Binder) Subject: Re: [FD] Evidence of a ISC being hacked? Hi! On Thu, Jun 24, 2004 at 03:38:27PM -0400, Valdis.Kletnieks@...edu wrote: > 1) The wrapper/define/handwaving discards it and prays. > > 2) The replacement function does a proper job of doing a full enough > emulation of vsnprintf to keep track of "length so far" and stop > when it gets full (not as easy as you might think - for fun, compute > how many bytes this takes: 3) Only useable on systems with /dev/null: fopen() /dev/null, vfprintf() to that handle and take the return value - it contains the number of characters written (or -1 on error). Then malloc() a temporary buffer to hold the complete output, vsprintf() to it and strncpy() to the destination array. Of course, this might not be a suitable solution in a performance sensitive application, but it's only a workaround for a missing function anyway. Ciao Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040625/38d831a1/attachment.bin
Powered by blists - more mailing lists