[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Q:How can I determine if an if is up in C/C++ only?





mulix wrote:

> Gilad Ben-Yossef wrote:
> 
> <ifstat source snipped>
> 
>>    strcpy(ifr.ifr_name, argv[1]);
> 
> 
> this is broken. ifr.ifr_name is a char array of size IFNAMSIZ (which is
> defined to 16 in net/if.h- not a very long buffer). if the user supplies
> a long enough argv[1], you have your classic buffer overflow here,
> easily overwriting EIP.

Ha! You're onto my back door! ;-)))))

Gilad.


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il